Hash: SHA256

             AUSCERT External Security Bulletin Redistribution

        Security Beta update for SUSE Manager Client Tools and Salt
                              25 January 2024


        AusCERT Security Bulletin Summary

Product:           SUSE Manager Client Tools
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-3128 CVE-2023-2801 CVE-2023-2183
                   CVE-2023-1410 CVE-2023-1387 CVE-2023-0594
                   CVE-2023-0507 CVE-2022-46146 CVE-2022-41723
                   CVE-2022-41715 CVE-2022-39324 CVE-2022-39307
                   CVE-2022-39306 CVE-2022-39229 CVE-2022-39201
                   CVE-2022-36062 CVE-2022-35957 CVE-2022-32149
                   CVE-2022-31130 CVE-2022-31123 CVE-2022-31107
                   CVE-2022-31097 CVE-2022-29170 CVE-2022-27664
                   CVE-2022-23552 CVE-2022-0155 CVE-2021-43815
                   CVE-2021-43813 CVE-2021-43798 CVE-2021-43138
                   CVE-2021-41244 CVE-2021-41174 CVE-2021-36222
                   CVE-2021-20228 CVE-2021-20191 CVE-2021-20180
                   CVE-2021-20178 CVE-2021-3918 CVE-2021-3807
                   CVE-2021-3711 CVE-2021-3620 CVE-2021-3583
                   CVE-2021-3447 CVE-2020-7753 

Original Bulletin: 

Comment: CVSS (Max):  9.8 CVE-2021-3711 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: [SUSE], huntr.dev, NIST
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Beta update for SUSE Manager Client Tools and Salt

Announcement ID:  SUSE-SU-2024:0196-1
     Rating:      moderate
                    o bsc#1172110
                    o bsc#1176460
                    o bsc#1180816
                    o bsc#1180942
                    o bsc#1181119
                    o bsc#1181935
                    o bsc#1183684
                    o bsc#1187725
                    o bsc#1188061
                    o bsc#1188571
                    o bsc#1189520
                    o bsc#1191454
                    o bsc#1192154
                    o bsc#1192383
                    o bsc#1192696
                    o bsc#1192763
                    o bsc#1193492
                    o bsc#1193686
                    o bsc#1193688
                    o bsc#1197507
                    o bsc#1198903
                    o bsc#1199810
                    o bsc#1200142
                    o bsc#1200480
                    o bsc#1200591
                    o bsc#1200968
                    o bsc#1200970
                    o bsc#1201003
                    o bsc#1201059
                    o bsc#1201535
                    o bsc#1201539
                    o bsc#1202614
                    o bsc#1202945
                    o bsc#1203283
                    o bsc#1203596
                    o bsc#1203597
                    o bsc#1203599
                    o bsc#1204032
                    o bsc#1204126
                    o bsc#1204302
                    o bsc#1204303
                    o bsc#1204304
                    o bsc#1204305
                    o bsc#1204501
                    o bsc#1205207
                    o bsc#1205225
   References:      o bsc#1205227
                    o bsc#1205599
                    o bsc#1205759
                    o bsc#1207352
                    o bsc#1207749
                    o bsc#1207750
                    o bsc#1207830
                    o bsc#1208046
                    o bsc#1208049
                    o bsc#1208060
                    o bsc#1208062
                    o bsc#1208065
                    o bsc#1208270
                    o bsc#1208293
                    o bsc#1208298
                    o bsc#1208612
                    o bsc#1208692
                    o bsc#1208719
                    o bsc#1208819
                    o bsc#1208821
                    o bsc#1208965
                    o bsc#1209113
                    o bsc#1209645
                    o bsc#1210458
                    o bsc#1210640
                    o bsc#1210907
                    o bsc#1211525
                    o bsc#1212099
                    o bsc#1212100
                    o bsc#1212279
                    o bsc#1212641
                    o bsc#1218843
                    o bsc#1218844
                    o jsc#MSQA-718
                    o jsc#PED-2145
                    o jsc#PED-2617
                    o jsc#PED-3576
                    o jsc#PED-3694
                    o jsc#PED-4556
                    o jsc#PED-5405
                    o jsc#PED-5406
                    o jsc#SLE-23422
                    o jsc#SLE-23439
                    o jsc#SLE-23631
                    o jsc#SLE-24133
                    o jsc#SLE-24565
                    o jsc#SLE-24791

                    o CVE-2020-7753
                    o CVE-2021-20178
                    o CVE-2021-20180
                    o CVE-2021-20191
                    o CVE-2021-20228
                    o CVE-2021-3447
                    o CVE-2021-3583
                    o CVE-2021-3620
                    o CVE-2021-36222
                    o CVE-2021-3711
                    o CVE-2021-3807
                    o CVE-2021-3918
                    o CVE-2021-41174
                    o CVE-2021-41244
                    o CVE-2021-43138
                    o CVE-2021-43798
                    o CVE-2021-43813
                    o CVE-2021-43815
                    o CVE-2022-0155
                    o CVE-2022-23552
                    o CVE-2022-27664
                    o CVE-2022-29170
Cross-References:   o CVE-2022-31097
                    o CVE-2022-31107
                    o CVE-2022-31123
                    o CVE-2022-31130
                    o CVE-2022-32149
                    o CVE-2022-35957
                    o CVE-2022-36062
                    o CVE-2022-39201
                    o CVE-2022-39229
                    o CVE-2022-39306
                    o CVE-2022-39307
                    o CVE-2022-39324
                    o CVE-2022-41715
                    o CVE-2022-41723
                    o CVE-2022-46146
                    o CVE-2023-0507
                    o CVE-2023-0594
                    o CVE-2023-1387
                    o CVE-2023-1410
                    o CVE-2023-2183
                    o CVE-2023-2801
                    o CVE-2023-3128

                    o CVE-2020-7753 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-20178 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R
                    o CVE-2021-20178 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-20180 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R
                    o CVE-2021-20180 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-20191 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R
                    o CVE-2021-20191 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-20228 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R
                    o CVE-2021-20228 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3447 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/
                    o CVE-2021-3447 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-3583 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/
                    o CVE-2021-3583 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-3620 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-3620 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2021-36222 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2021-36222 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3711 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3711 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3807 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3807 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3807 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-3918 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/
                    o CVE-2021-3918 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-41174 ( SUSE ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R
                    o CVE-2021-41174 ( NVD ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/
                    o CVE-2021-41244 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N
                    o CVE-2021-41244 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/
                    o CVE-2021-43138 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R
                    o CVE-2021-43138 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/
                    o CVE-2021-43798 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2021-43798 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2021-43813 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N
                    o CVE-2021-43813 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2021-43815 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N
                    o CVE-2021-43815 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2022-0155 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/
                    o CVE-2022-23552 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R
                    o CVE-2022-23552 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2022-27664 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2022-27664 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-29170 ( SUSE ): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N
                    o CVE-2022-29170 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2022-31097 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R
  CVSS scores:        /S:U/C:H/I:H/A:N
                    o CVE-2022-31097 ( NVD ): 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2022-31107 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N
                    o CVE-2022-31107 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/
                    o CVE-2022-31123 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:R
                    o CVE-2022-31123 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/
                    o CVE-2022-31130 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2022-31130 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-32149 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2022-32149 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-35957 ( SUSE ): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N
                    o CVE-2022-35957 ( NVD ): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/
                    o CVE-2022-36062 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N
                    o CVE-2022-36062 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2022-39201 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2022-39201 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-39229 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2022-39229 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2022-39306 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R
                    o CVE-2022-39306 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/
                    o CVE-2022-39307 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2022-39307 ( NVD ): 6.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/
                    o CVE-2022-39324 ( SUSE ): 6.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R
                    o CVE-2022-39324 ( NVD ): 6.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/
                    o CVE-2022-41715 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N
                    o CVE-2022-41715 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-41723 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N
                    o CVE-2022-41723 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2022-46146 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N
                    o CVE-2022-46146 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/
                    o CVE-2023-0507 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-0507 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-0594 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-0594 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-1387 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/
                    o CVE-2023-1387 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/
                    o CVE-2023-1410 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/
                    o CVE-2023-1410 ( NVD ): 6.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/
                    o CVE-2023-2183 ( SUSE ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-2183 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2023-2801 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2023-2801 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2023-3128 ( SUSE ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
                    o CVE-2023-3128 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/

                    o openSUSE Leap 15.3
                    o openSUSE Leap 15.4
                    o openSUSE Leap 15.5
                    o SUSE Linux Enterprise Desktop 15
                    o SUSE Linux Enterprise Desktop 15 SP1
                    o SUSE Linux Enterprise Desktop 15 SP2
                    o SUSE Linux Enterprise Desktop 15 SP3
                    o SUSE Linux Enterprise Desktop 15 SP4
                    o SUSE Linux Enterprise Desktop 15 SP5
                    o SUSE Linux Enterprise High Performance Computing 15
                    o SUSE Linux Enterprise High Performance Computing 15 SP1
                    o SUSE Linux Enterprise High Performance Computing 15 SP2
                    o SUSE Linux Enterprise High Performance Computing 15 SP3
                    o SUSE Linux Enterprise High Performance Computing 15 SP4
                    o SUSE Linux Enterprise High Performance Computing 15 SP5
                    o SUSE Linux Enterprise Micro 5.0
                    o SUSE Linux Enterprise Micro 5.1
                    o SUSE Linux Enterprise Micro 5.2
                    o SUSE Linux Enterprise Micro 5.3
    Affected        o SUSE Linux Enterprise Micro 5.4
    Products:       o SUSE Linux Enterprise Micro 5.5
                    o SUSE Linux Enterprise Real Time 15 SP1
                    o SUSE Linux Enterprise Real Time 15 SP2
                    o SUSE Linux Enterprise Real Time 15 SP3
                    o SUSE Linux Enterprise Real Time 15 SP4
                    o SUSE Linux Enterprise Real Time 15 SP5
                    o SUSE Linux Enterprise Server 15
                    o SUSE Linux Enterprise Server 15 SP1
                    o SUSE Linux Enterprise Server 15 SP2
                    o SUSE Linux Enterprise Server 15 SP3
                    o SUSE Linux Enterprise Server 15 SP4
                    o SUSE Linux Enterprise Server 15 SP5
                    o SUSE Linux Enterprise Server for SAP Applications 15
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP1
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP2
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP3
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP4
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP5
                    o SUSE Manager Client Tools Beta for SLE 15
                    o SUSE Manager Client Tools Beta for SLE Micro 5

An update that solves 44 vulnerabilities, contains 14 features and has 35
security fixes can now be installed.


This update fixes the following issues:


  o Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)
  o bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive
    info in traceback error message (in 2.9.27)
  o bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line
    strings with ansible facts used in template. (in 2.9.23)
  o bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in
    ansible 2.9.13 (in 2.9.15)
  o Update to 2.9.22:
  o CVE-2021-3447 (bsc#1183684) multiple modules expose secured values
  o CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option
  o CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values
  o CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive
  o CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module


  o Update to version 0.1.1681904360.84ef141
  o Load network configuration even when missing protocol version (bsc#1210640)
  o Update to verion 0.1.1674034019.a93ff61
  o Install copied wicked config as client.xml (bsc#1205599)
  o Update to version 0.1.1673279145.e7616bd
  o Add failsafe stop file when salt-minion does not stop (bsc#1172110)
  o Copy existing wicked config instead of generating new (bsc#1205599)
  o Update to version 0.1.1665997480.587fa10
  o Add dependencies on xz and gzip to support compressed images
  o Update to version 0.1.1661440542.6cbe0da
  o Use standard susemanager.conf
  o Move image services to dracut-saltboot package
  o Use salt bundle
  o Require e2fsprogs (bsc#1202614)
  o Update to version 0.1.1657643023.0d694ce
  o Update dracut-saltboot dependencies (bsc#1200970)
  o Fix network loading when ipappend is used in pxe config
  o Add new information messages


  o Remove license file from %doc
  o Exclude s390 arch
  o Adapted to build on Enterprise Linux.
  o Fix build for RedHat 7
  o Require Go >= 1.14 also for CentOS
  o Add support for CentOS
  o Replace %{?systemd_requires} with %{?systemd_ordering}


  o Exclude s390 architecture (gh#SUSE/spacewalk#19050)
  o Enhanced to build on Enterprise Linux 8.


  o Do not strip if SUSE Linux Enterprise 15 SP3
  o Exclude debug for RHEL >= 8
  o Build with Go >= 1.20 when the OS is not RHEL
  o Spec file clean up
  o Fix apparmor profile for SLE 12
  o Do not build with apparmor profile for SLE 12
  o Upgrade to version 1.0.0 (jsc#PED-5405)
  o Improved flag parsing
  o Added support for custom headers
  o Build with Go 1.19
  o Build using promu
  o Add _service file
  o Fix sandboxing options
  o Upgrade to version 0.13.4
  o Fix denial of service vulnerability (CVE-2022-32149, bsc#1204501)
  o Upgrade to version 0.13.3
  o Fix uncontrolled resource consumption (CVE-2022-41723, bsc#1208270)
  o Upgrade to version 0.13.1
  o Fix panic caused by missing flagConfig options
  o Upgrade to version 0.13.0
  o Fix authentication bypass vulnarability (CVE-2022-46146, bsc#1208046)
  o Corrected comment in AppArmor profile
  o Added AppArmor profile
  o Added sandboxing options to systemd service unit
  o Exclude s390 architecture (gh#SUSE/spacewalk#19050)
  o Update to upstream release 0.11.0 (jsc#SLE-24791)
  o Add TLS support
  o Switch to logger, please check --log.level and --log.format flags
  o Update to version 0.10.1
  o Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale data
  o Update to version 0.10.0
  o Add Apache Proxy and other metrics
  o Update to version 0.8.0
  o Change commandline flags
  o Add metrics: Apache version, request duration total
  o Adapted to build on Enterprise Linux 8
  o Require building with Go 1.15
  o Add support for RedHat 8
  o Adjust dependencies on spec file
  o Disable dwarf compression in go build
  o Add support for Red Hat
  o Add %license macro for LICENSE file


  o Update to 2.45.0 (jsc#PED-5406):
  o [FEATURE] API: New limit parameter to limit the number of items returned by
    /api/v1/status/tsdb endpoint.
  o [FEATURE] Config: Add limits to global config.
  o [FEATURE] Consul SD: Added support for path_prefix .
  o [FEATURE] Native histograms: Add option to scrape both classic and native
  o [FEATURE] Native histograms: Added support for two more arithmetic
    operators avg_over_time and sum_over_time .
  o [FEATURE] Promtool: When providing the block id, only one block will be
    loaded and analyzed.
  o [FEATURE] Remote-write: New Azure ad configuration to support remote
    writing directly to Azure Monitor workspace.
  o [FEATURE] TSDB: Samples per chunk are now configurable with flag
    storage.tsdb.samples-per-chunk . By default set to its former value 120.
  o [ENHANCEMENT] Native histograms: bucket size can now be limited to avoid
    scrape fails.
  o [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL sooner.
  o [BUGFIX] Native histograms: ChunkSeries iterator now checks if a new sample
    can be appended to the open chunk.
  o [BUGFIX] Native histograms: Fix Histogram Appender Appendable() segfault.
  o [BUGFIX] Native histograms: Fix setting reset header to gauge histograms in
  o [BUGFIX] TSDB: Tombstone intervals are not modified after Get() call.
  o [BUGFIX] TSDB: Use path/filepath to set the WAL directory.
  o Update to 2.44.0:
  o [FEATURE] Remote-read: Handle native histograms.
  o [FEATURE] Promtool: Health and readiness check of prometheus server in CLI.
  o [FEATURE] PromQL: Add query_samples_total metric, the total number of
    samples loaded by all queries.
  o [ENHANCEMENT] Storage: Optimise buffer used to iterate through samples.
  o [ENHANCEMENT] Scrape: Reduce memory allocations on target labels.
  o [ENHANCEMENT] PromQL: Use faster heap method for topk() / bottomk() .
  o [ENHANCEMENT] Rules API: Allow filtering by rule name.
  o [ENHANCEMENT] Native Histograms: Various fixes and improvements.
  o [ENHANCEMENT] UI: Search of scraping pools is now case-insensitive.
  o [ENHANCEMENT] TSDB: Add an affirmative log message for successful WAL
  o [BUGFIX] TSDB: Block compaction failed when shutting down.
  o [BUGFIX] TSDB: Out-of-order chunks could be ignored if the write-behind log
    was deleted.
  o Update to 2.43.1
  o [BUGFIX] Labels: Set() after Del() would be ignored, which broke some
    relabeling rules.
  o Update to 2.43.0:
  o [FEATURE] Promtool: Add HTTP client configuration to query commands.
  o [FEATURE] Scrape: Add include_scrape_configs to include scrape configs from
    different files.
  o [FEATURE] HTTP client: Add no_proxy to exclude URLs from proxied requests.
  o [FEATURE] HTTP client: Add proxy_from_enviroment to read proxies from env
  o [ENHANCEMENT] API: Add support for setting lookback delta per query via the
  o [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499 if a request
    is canceled.
  o [ENHANCEMENT] Scrape: Allow exemplars for all metric types.
  o [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders size.
  o [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot with index that
    is ahead of WAL.
  o [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to be more
  o [ENHANCEMENT] UI: Scope group by labels to metric in autocompletion.
  o [BUGFIX] Scrape: Fix prometheus_target_scrape_pool_target_limit metric not
    set before reloading.
  o [BUGFIX] TSDB: Correctly update prometheus_tsdb_head_chunks_removed_total
    and prometheus_tsdb_head_chunks metrics when reading WAL.
  o [BUGFIX] TSDB: Use the correct unit (seconds) when recording out-of-order
    append deltas in the prometheus_tsdb_sample_ooo_delta metric.
  o Update to 2.42.0: This release comes with a bunch of feature coverage for
    native histograms and breaking changes. If you are trying native histograms
    already, we recommend you remove the wal directory when upgrading. Because
    the old WAL record for native histograms is not backward compatible in
    v2.42.0, this will lead to some data loss for the latest data.
    Additionally, if you scrape "float histograms" or use recording rules on
    native histograms in v2.42.0 (which writes float histograms), it is a
    one-way street since older versions do not support float histograms.
  o [CHANGE] breaking TSDB: Changed WAL record format for the experimental
    native histograms.
  o [FEATURE] Add 'keep_firing_for' field to alerting rules.
  o [FEATURE] Promtool: Add support of selecting timeseries for TSDB dump.
  o [ENHANCEMENT] Agent: Native histogram support.
  o [ENHANCEMENT] Rules: Support native histograms in recording rules.
  o [ENHANCEMENT] SD: Add container ID as a meta label for pod targets for
  o [ENHANCEMENT] SD: Add VM size label to azure service discovery.
  o [ENHANCEMENT] Support native histograms in federation.
  o [ENHANCEMENT] TSDB: Add gauge histogram support.
  o [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that represents buckets
    as float64 values.
  o [ENHANCEMENT] UI: Show individual scrape pools on /targets page.
  o Update to 2.41.0:
  o [FEATURE] Relabeling: Add keepequal and dropequal relabel actions.
  o [FEATURE] Add support for HTTP proxy headers.
  o [ENHANCEMENT] Reload private certificates when changed on disk.
  o [ENHANCEMENT] Add max_version to specify maximum TLS version in tls_config.
  o [ENHANCEMENT] Add goos and goarch labels to prometheus_build_info.
  o [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.
  o [ENHANCEMENT] SD: Add new metric prometheus_sd_file_watcher_errors_total.
  o [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.
  o [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in iterators.
  o [ENHANCEMENT] TSDB: Optimize postings offset table reading.
  o [BUGFIX] Scrape: Validate the metric name, label names, and label values
    after relabeling.
  o [BUGFIX] Remote Write receiver and rule manager: Fix error handling.
  o Update to 2.40.7:
  o [BUGFIX] TSDB: Fix queries involving negative buckets of native histograms.
  o Update to 2.40.5:
  o [BUGFIX] TSDB: Fix queries involving native histograms due to improper
    reset of iterators.
  o Update to 2.40.3:
  o [BUGFIX] TSDB: Fix compaction after a deletion is called.
  o Update to 2.40.2:
  o [BUGFIX] UI: Fix black-on-black metric name color in dark mode.
  o Update to 2.40.1:
  o [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit architecture.
  o [BUGFIX] Scrape: Fix accept headers.
  o Update to 2.40.0:
  o [FEATURE] Add experimental support for native histograms. Enable with the
    flag --enable-feature=native-histograms.
  o [FEATURE] SD: Add service discovery for OVHcloud.
  o [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.
  o [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved sorting speed.
  o [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds
    __meta_consul_partition label. Adds partition config in consul_sd_config.
  o [BUGFIX] API: Fix API error codes for /api/v1/labels and /api/v1/series.
  o Update to 2.39.1:
  o [BUGFIX] Rules: Fix notifier relabel changing the labels on active alerts.
  o Update to 2.39.0:
  o [FEATURE] experimental TSDB: Add support for ingesting out-of-order
    samples. This is configured via out_of_order_time_window field in the
    config file; check config file docs for more info.
  o [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also respond to a
    HEAD request on top of existing GET support.
  o [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.
  o [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.
  o [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region label.
  o [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.
  o [ENHANCEMENT] TSDB: Improve WAL replay timings.
  o [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary data in the
  o [ENHANCEMENT] TSDB: Allow overlapping blocks by default.
    --storage.tsdb.allow-overlapping-blocks now has no effect.
  o [ENHANCEMENT] UI: Click to copy label-value pair from query result to
  o [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a memory leak.
  o [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus startup.
  o [BUGFIX] PromQL: Properly close file descriptor when logging unfinished
  o [BUGFIX] Agent: Fix validation of flag options and prevent WAL from growing
    more than desired.
  o Update to 2.38.0:
  o [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint that allows
    pretty-formatting PromQL expressions.
  o [FEATURE]: UI: Add support for formatting PromQL expressions in the UI.
  o [FEATURE]: DNS SD: Support MX records for discovering targets.
  o [FEATURE]: Templates: Add toTime() template function that allows converting
    sample timestamps to Go time.Time values.
  o [ENHANCEMENT]: Kubernetes SD: Add __meta_kubernetes_service_port_number
    meta label indicating the service port number.
    __meta_kubernetes_pod_container_image meta label indicating the container
  o [ENHANCEMENT]: PromQL: When a query panics, also log the query itself
    alongside the panic message.
  o [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve the contrast
  o [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding locks and
    using atomic types instead.
  o [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature flag, which
    omits or removes any default HTTP (:80) or HTTPS (:443) ports in the
    target's scrape address.
  o [BUGFIX]: TSDB: In the WAL watcher metrics, expose the type="exemplar"
    label instead of type="unknown" for exemplar records.
  o [BUGFIX]: TSDB: Fix race condition around allocating series IDs during
    chunk snapshot loading.
  o Remove npm_licenses.tar.bz2 during "make clean"
  o Remove web-ui archives during "make clean".
  o Require promu >= 0.14.0 for building
  o Drop:
  o Upgrade to version 2.37.6
  o Require Go 1.19
  o Upgrade to version 2.37.5
  o [SECURITY] Security upgrade from go and upstream dependencies that include
    security fixes to the net/http and os packages.
  o Upgrade to version 2.37.4
  o [SECURITY] Fix basic authentication bypass vulnerability (CVE-2022-46146,
    bsc#1208049, jsc#PED-3576).
  o Upgrade to version 2.37.3
  o [BUGFIX] Update our regexp library to fix upstream CVE-2022-41715.
  o Upgrade to version 2.37.2
  o Upgrade to version 2.37.1
  o [BUGFIX] Properly close file descriptor when logging unfinished queries.
  o [BUGFIX] TSDB: In the WAL watcher metrics, expose the
  o Upgrade to version 2.37.0
  o [FEATURE] Nomad SD: New service discovery for Nomad built-in service
  o [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for endpoint role.
  o [ENHANCEMENT] PromQL: Optimise creation of signature with/without labels.
  o [ENHANCEMENT] TSDB: Memory optimizations.
  o [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.
  o [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent header.
  o [BUGFIX] Alerting: Fix Alertmanager targets not being updated when alerts
    were queued.
  o [BUGFIX] Hetzner SD: Make authentication files relative to Prometheus
    config file.
  o [BUGFIX] Promtool: Fix promtool check config not erroring properly on
  o [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on reloads.
  o [BUGFIX] TSDB: Don't increment prometheus_tsdb_compactions_failed_total
    when context is canceled.
  o [BUGFIX] TSDB: Fix panic if series is not found when deleting series.
  o [BUGFIX] TSDB: Increase prometheus_tsdb_mmap_chunk_corruptions_total on out
    of sequence errors.
  o [BUGFIX] Uyuni SD: Make authentication files relative to Prometheus
    configuration file and fix default configuration values.
  o Upgrade to version 2.36.2
  o [BUGFIX] Fix serving of static assets like fonts and favicon.
  o Upgrade to version 2.36.1
  o [BUGFIX] promtool: Add --lint-fatal option.
  o Upgrade to version 2.36.0
  o [FEATURE] Add lowercase and uppercase relabel action.
  o [FEATURE] SD: Add IONOS Cloud integration.
  o [FEATURE] SD: Add Vultr integration.
  o [FEATURE] SD: Add Linode SD failure count metric.
  o [FEATURE] Add prometheus_ready metric.
  o [ENHANCEMENT] Add stripDomain to template function.
  o [ENHANCEMENT] UI: Enable active search through dropped targets.
  o [ENHANCEMENT] promtool: support matchers when querying label
  o [ENHANCEMENT] Add agent mode identifier.
  o [BUGFIX] Changing TotalQueryableSamples from int to int64.
  o [BUGFIX] tsdb/agent: Ignore duplicate exemplars.
  o [BUGFIX] TSDB: Fix chunk overflow appending samples at a variable rate.
  o [BUGFIX] Stop rule manager before TSDB is stopped.
  o Upgrade to version 2.35.0
  o [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.
  o [CHANGE] promtool: Add new flag --lint (enabled by default) for the
    commands check rules and check config, resulting in a new exit code (3) for
    linter errors.
  o [FEATURE] Support for automatically setting the variable GOMAXPROCS to the
    container CPU limit. Enable with the flag --enable-feature=auto-gomaxprocs.
  o [FEATURE] PromQL: Extend statistics with total and peak number of samples
    in a query. Additionally, per-step statistics are available with
    --enable-feature=promql-per-step-stats and using stats=all in the query
    API. Enable with the flag --enable-feature=per-step-stats.
  o [ENHANCEMENT] TSDB: more efficient sorting of postings read from WAL at
  o [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.
  o [ENHANCEMENT] Azure SD: Add an optional resource_group configuration.
  o [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1 EndpointSlice
    (previously only discovery.k8s.io/v1beta1 EndpointSlice was supported).
  o [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to discovered
  o [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch OAuth2 tokens.
  o [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.
  o [ENHANCEMENT] Config: Support overriding minimum TLS version.
  o [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.
  o [BUGFIX] Fix OpenMetrics parser to sort uppercase labels correctly.
  o [BUGFIX] UI: Fix scrape interval and duration tooltip not showing on target
  o [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is false.
  o [BUGFIX] Agent: Fix ID collision when loading a WAL with multiple segments.
  o [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing the queue.
  o Upgrade to version 2.34.0
  o [CHANGE] UI: Classic UI removed.
  o [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based tracing.
  o [ENHANCEMENT] TSDB: Disable the chunk write queue by default and allow
    configuration with the experimental flag
  o [ENHANCEMENT] HTTP SD: Add a failure counter.
  o [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.
  o [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.
  o [ENHANCEMENT] Scrape: Log when an invalid media type is encountered during
    a scrape.
  o [ENHANCEMENT] Scrape: Accept application/openmetrics-text;version=1.0.0 in
    addition to version=0.0.1.
  o [ENHANCEMENT] Remote-read: Add an option to not use external labels as
    selectors for remote read.
  o [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.
  o [ENHANCEMENT] UI: Improve graph colors that were hard to see.
  o [ENHANCEMENT] Config: Allow escaping of $ with $$ when using environment
    variables with external labels.
  o [BUGFIX] PromQL: Properly return an error from histogram_quantile when
    metrics have the same labelset.
  o [BUGFIX] UI: Fix bug that sets the range input to the resolution.
  o [BUGFIX] TSDB: Fix a query panic when memory-snapshot-on-shutdown is
  o [BUGFIX] Parser: Specify type in metadata parser errors.
  o [BUGFIX] Scrape: Fix label limit changes not applying.
  o Upgrade to version 2.33.5
  o [BUGFIX] Remote-write: Fix deadlock between adding to queue and getting
  o Upgrade to version 2.33.4
  o [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the disk.
  o Upgrade to version 2.33.3
  o [BUGFIX] Azure SD: Fix a regression when public IP Address isn't set.
  o Upgrade to version 2.33.2
  o [BUGFIX] Azure SD: Fix panic when public IP Address isn't set.
  o [BUGFIX] Remote-write: Fix deadlock when stopping a shard.
  o Upgrade to version 2.33.1
  o [BUGFIX] SD: Fix no such file or directory in K8s SD when not running
    inside K8s.
  o Upgrade to version 2.33.0
  o [CHANGE] PromQL: Promote negative offset and @ modifer to stable features.
  o [CHANGE] Web: Promote remote-write-receiver to stable.
  o [FEATURE] Config: Add stripPort template function.
  o [FEATURE] Promtool: Add cardinality analysis to check metrics, enabled by
    flag --extended.
  o [FEATURE] SD: Enable target discovery in own K8s namespace.
  o [FEATURE] SD: Add provider ID label in K8s SD.
  o [FEATURE] Web: Add limit field to the rules API.
  o [ENHANCEMENT] Remote-write: Avoid allocations by buffering concrete structs
    instead of interfaces.
  o [ENHANCEMENT] Remote-write: Log time series details for out-of-order
    samples in remote write receiver.
  o [ENHANCEMENT] Remote-write: Shard up more when backlogged.
  o [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar ingest
  o [ENHANCEMENT] TSDB: Avoid allocations when popping from the intersected
    postings heap.
  o [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding latency
    spikes in remote-write.
  o [ENHANCEMENT] TSDB: Improve label matching performance.
  o [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.
  o [ENHANCEMENT] UI: Optimize the target page and add a search bar.
  o [BUGFIX] Promtool: Make exit codes more consistent.
  o [BUGFIX] Promtool: Fix flakiness of rule testing.
  o [BUGFIX] Remote-write: Update
    prometheus_remote_storage_queue_highest_sent_timestamp_seconds metric when
    write irrecoverably fails.
  o [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.
  o [BUGFIX] TSDB: CompactBlockMetas should produce correct mint/maxt for
    overlapping blocks.
  o [BUGFIX] TSDB: Fix logging of exemplar storage size.
  o [BUGFIX] UI: Fix overlapping click targets for the alert state checkboxes.
  o [BUGFIX] UI: Fix Unhealthy filter on target page to actually display only
    Unhealthy targets.
  o [BUGFIX] UI: Fix autocompletion when expression is empty.
  o [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.
  o Fix authentication bypass by updating Prometheus Exporter Toolkit to
    version 0.7.3 (CVE-2022-46146, bsc#1208049)
  o Fix uncontrolled resource consumption by updating Go to version 1.20.1
    (CVE-2022-41723, bsc#1208298)
  o Restructure the spec to build web assets online
  o Makefile


  o Update to version 9.5.8:
  o Features and enhancements GenericOAuth: Set sub as auth id
  o Bug fixes: DataSourceProxy: Fix url validation error handling
  o Update to version 9.5.7: Alerting: Sort NumberCaptureValues in
    EvaluationString Alerting: Improve performance of matching captures
    Alerting: No longer silence paused alerts during legacy migration Alerting:
    Remove and revert flag alertingBigTransactions Alerting: Migrate unknown
    NoData\Error settings to the default Tracing: supply Grafana build version
    Tempo: Escape regex-sensitive characters in span name before building
    promql query Plugins: Only configure plugin proxy transport once Alerting:
    Fix unique violation when updating rule group with title chains/cycles
    Prometheus: Version detect bug Prometheus: Fix heatmap format with no data
    Database: Change getExistingDashboardByTitleAndFolder to get dashboard by
    title, not slug Alerting: Convert 'Both' type Prometheus queries to 'Range'
    in SQLStore: Fix Postgres dialect treating "false" migrator default as true
    Alerting: Support newer http_config struct InfluxDB: Interpolate retention
    policies StatusHistory: Fix rendering of value-mapped null Alerting: Fix
    provenance guard checks for Alertmanager configuration to not cause panic
    when compared nested objects AnonymousAuth: Fix concurrent read-write crash
    AzureMonitor: Ensure legacy properties containing template variables are
    correctly migrated Explore: Remove data source onboarding page Dashboard:
    Re-align Save form Azure Monitor: Fix bug that did not show alert rule
    preview Histogram: Respect min/max panel settings for x-axis Heatmap: Fix
    color rendering for value ranges < 1 Heatmap: Handle unsorted timestamps in
    calculate mode Google Cloud Monitor: Fix mem usage for dropdown
    AzureMonitor: Fix logs query multi-resource and timespan values Utils:
    Reimplement util.GetRandomString to avoid modulo bias Alerting: Fix
    matching labels with spaces in their values Dashboard: Fix applying
    timezone to datetime variables Dashboard: Fix panel description event
    triggering every time panel is rendered Tempo: Fix get label values based
    on CoreApp type Heatmap: Fix log scale editor Dashboard: Fix disappearing
    panel when viewed panel is refreshed Prometheus: Fix bug in creating
    autocomplete queries with labels Prometheus: Fix Query Inspector expression
    range value Alerting: Fix migration failing if alert_configuration table is
    not empty InfluxDB: Fix querying retention policies on flux mode
  o Update to version 9.5.6:
  o Bug fixes Dashboard: Fix library panels in collapsed rows not getting
    updated Auth: Add and document option for enabling email lookup
  o Update to version 9.5.5: Security: Fix authentication bypass using Azure AD
    OAuth (bsc#1212641, CVE-2023-3128, jsc#PED-3694). Auth: Show invite button
    if disable login form is set to false. Azure: Fix Kusto auto-completion for
    Azure datasources. RBAC: Remove legacy AC editor and admin role on new
    dashboard route. API: Revert allowing editors to access GET /datasources.
    Settings: Add ability to override skip_org_role_sync with Env variables.
  o Update to version 9.5.3: Query: Prevent crash while executing concurrent
    mixed queries (bsc#1212099, CVE-2023-2801). Alerting: Require
    alert.notifications:write permissions to test receivers and templates (bsc#
    1212100, CVE-2023-2183).
  o Update to version 9.5.2: Alerting: Scheduler use rule fingerprint instead
    of version. Explore: Update table min height. DataLinks: Encoded URL fixed.
    TimeSeries: Fix leading null-fill for missing intervals. Dashboard: Revert
    fixed header shown on mobile devices in the new panel header. PostgreSQL:
    Fix TLS certificate issue by downgrading lib/pq. Provisioning: Fix
    provisioning issues with legacy alerting and data source permissions.
    Alerting: Fix misleading status code in provisioning API. Loki: Fix log
    samples using instant queries. Panel Header: Implement new Panel Header on
    Angular Panels. Azure Monitor: Fix bug that was not showing resources for
    certain locations. Alerting: Fix panic when reparenting receivers to groups
    following an attempted rename via Provisioning. Cloudwatch Logs: Clarify
    Cloudwatch Logs Limits.
  o Update to 9.5.1 Loki Variable Query Editor: Fix bug when the query is
    updated Expressions: Fix expression load with legacy UID -100
  o Update to 9.5.0 (CVE-2023-1387, bsc#1210907, jsc#PED-3694)
  o Breaking changes
      ? default named retention policies won't be used to query. Users who have
        a default named retention policy in their influxdb database, have to
        rename it to something else. Having default named retention policy is
        not breaking anything. We will make sure to use the actual default
        retention policy under the hood. To change the hardcoded retention
        policy in the dashboard.json, users must they select the right
        retention policy from dropdown and save the panel/dashboard.
      ? Grafana Alerting rules with NoDataState configuration set to Alerting
        will now respect "For" duration.
      ? Users who use LDAP role sync to only sync Viewer, Editor and Admin
        roles, but grant Grafana Server Admin role manually will not be able to
        do that anymore. After this change, LDAP role sync will override any
        manual changes to Grafana Server Admin role assignments. If
        grafana_admin is left unset in LDAP role mapping configuration, it will
        default to false. API keys: Add deprecation to api keys. API: Enable
        serving Swagger UI by default and add docs and guidelines. API: Permit
        Cache-Control (browser caching) for datasource resources.
        Accessibility: Make row actions keyboard accessible. Admin/Plugins: Set
        category filter in connections link. Alerting: Add CustomDetails field
        in PagerDuty contact point. Alerting: Add dashboard and panel links to
        rule and instance annotations. Alerting: Add filter and remove funcs
        for custom labels and Alerting: Add fuzzy search to alert list view.
        Alerting: Add metrics for active receiver and integrations. Alerting:
        Better printing of labels. Alerting: Create new state history "fanout"
        backend that dispatches to multiple other backends at once. Alerting:
        Enable preview for recording rules. Alerting: Fetch all applied
        alerting configurations. Alerting: Introduce proper feature toggles for
        common state history backend combinations. Alerting: Make time range
        query parameters not required when querying Loki. Alerting: New
        notification policies view. Alerting: No longer index state history log
        streams by instance labels. Alerting: Respect "For" Duration for NoData
        alerts. Alerting: Support filtering rules by multiple datasources.
        Alerting: Switch to snappy-compressed-protobuf for outgoing push
        requests to Loki. Angular: Prevent angular from loading when disabled.
        Auth: Add Generic oauth skip org role sync setting. Auth: Add feature
        flag to move token rotation to client. Auth: Show user sync external
        Authentication status. Backend: Use sdk version 0.148.0. Chore: Add
        stat for remote cache config. Chore: Replace short UID generation with
        more standard UUIDs. Chore: Use DOMPurify to sanitize strings rather
        than js-xss. CloudMonitoring: Add possibility to use path for private
        key. CloudWatch Logs: Update default timeout to 30m. CloudWatch: Add
        AWS/IotSiteWise namespace and metrics. CloudWatch: Add account support
        to variable queries. CloudWatch: Make deeplinks work for us-gov and
        china regions. Cloudwatch: Add MeteredIOBytes metric for EFS. Command
        Palette: Display dashboard location. Command palette: Enable folder
        searching. Connections: Turn on feature toggle by default. Cookies:
        Provide a mechanism for per user control over cookies. Dashboard
        Datasource: Update Query List & Improve UX. Dashboard: Add a feature
        that creates a table panel when a spreadsheet file is dropped on the
        dashboard. Dashboard: Add new visualization/row/library panel/pasted
        panel is now a dropdown menu. Dashboard: Add value format for requests
        per minute. Dashboard: Empty/No Panels dashboard with a new design.
        Dashboard: When dashboard is not found show message instead of empty
        page. Dashboards: Enable feature flag newPanelChromeUI by default.
        Dataplane: Support timeSeriesLong without transform. Datasources: Add
        user_agent header customization for outgoing HTTP requests.
        Datasources: Use getDefaultQuery in annotations editors. Docs: Add
        documentation on how to debug backend plugins. Docs: Deprecate
        dashboard previews. Elasticsearch: Detect Elasticsearch version.
        Elasticsearch: Run Explore queries trough data source backend. Explore:
        Add range option to internal data links. Explore: Add transformations
        to correlation data links. Explore: Support mixed data sources for
        supplementary query. Extensions: Expose an enum for available
        placements. Feat: Changing link destination for get more plugins. Feat:
        Linking to plugin details page rather than externally for new
        datasources. FieldMatchers: Add match by value (reducer). Flame graph:
        Add context menu. Flame graph: Add metadata above flame graph. Geomap:
        Improve tooltip url for photos layer. Geomap: Release night / day
        layer. InfluxDB: Move database information into jsondata. Jaeger and
        Zipkin: Config & docs upgrade. LDAP: Allow setting minimum TLS version
        and accepted ciphers. Live: Remove (alpha) ability to configure live
        pipelines. Logger: Add feature toggle for errors in HTTP request logs.
        Login: Allow custom name and icon for social providers. Logs Panel:
        Refactor style generation to improve rendering performance. Logs: Add
        millisecond to timestamp in log line. Logs: Rename dedup to
        deduplicate. Loki Query Editor: Make Monaco the default editor. Loki:
        Add unpack query builder hint. Loki: Add descriptions to query builder
        operations. Loki: Add placeholder to the loki query editor. Loki:
        Always fetch for new label keys in the QueryBuilder. Loki: Display
        error with label filter conflicts. Loki: Improve the display of loki
        query stats. MSSQL/Postgres: List views in table dropdown as well.
        MSSQL: Update forked go-mssqldb dependency. Metrics: Update comment to
        mention folders instead of dashboards. Navigation: Enable new
        navigation by default. NodeGraph: Support icons for nodes.
        Notifications: Enable display of trace ID by default. Packaging: Start
        Grafana service after InfluxDB. Panel Header: Add CancelQuery option to
        panel header. Panel: Show multiple errors info in the inspector.
        PanelChrome: Add option to show actions on the right side (actions =
        leftItems). Phlare: Allow variables in labelSelector (in query).
        Plugin: Skip preloading disabled app plugins. Plugins: Add optional
        logger for plugin requests sent to backend plugins. Plugins: Extend
        panel menu with commands from plugins. Plugins: Extend panel menu with
        links from plugins. Plugins: Improve instrumentation by adding metrics
        and tracing. Plugins: Support for distributed tracing in backend
        plugins SDK. Plugins: Support for link extensions. Profiling: Enable
        flame graph & Phlare/Parca data sources for all users. Prometheus
        Datasource: Improve Prom query variable editor. Prometheus Metrics: Add
        missing stat_total_teams metric. Prometheus/Loki: Run query explicitly
        instead of onblur in panel edit. Prometheus: Browser resource caching.
        Prometheus: Improve prometheus query variable editor. Prometheus: Use
        $__rate_interval for rate queries generated by metric browser. Pubdash:
        Email sharing handle dashboard deleted. PublicDashboards: Backfills
        share column with default value. PublicDashboards: Configuration modal
        redesign. PublicDashboards: Email sharing. PublicDashboards: Enable
        creation when dashboard has template variables. PublicDashboards:
        Paused or deleted public dashboard screen. QueryHistory: Improve
        handling of mixed datasource entries. Rendering: Experimental support
        to use JWTs as auth method. SQL Datasources: Add back help content.
        Schema: Remove exclusion for timeseries and update imports. Search:
        Improvements for starred dashboard search. Select: Show icon in the
        grafana/ui Select component. Service accounts: Creation logic
        simplification. Service accounts: Remove Add API keys buttons and
        remove one state of migrating for API keys tab. SplitOpen: Update API
        to accept multiple queries. Stat Panel: Add an option for a
        non-gradient/solid background. Stat: Add ability to remove default
        single-color background gradient. SupportBundles: Add OAuth bundle
        collectors. Table Panel: Add ability to use text color for value or
        hide value in gauge cell. Table: Introduce sparkline cell type. Tempo:
        Config and doc updates. Tempo: Update service graph view and docs.
        TraceView: Add key and url escaping of json tag values. TraceView:
        Reworked header. Tracing: Add more detail to HTTP Outgoing Request.
        Tracing: Docs and config improvements for Tempo/Jaeger/Zipkin. Tracing:
        Support multiple OTel propagators. Transformations: Support time format
        when converting time to strings. Transformers: Support adding the row
        index using calculate field transformer. Units: Format currency with
        negative before the symbol. API: Fix "Updated by" Column in dashboard
        versions table. AccessControl: Allow editors to access GET /api/
        datasources. Alerting: Add "backend" label to state history writes
        metrics. Alerting: Add alert instance labels to Loki log lines in
        addition to stream labels. Alerting: Elide requests to Loki if nothing
        should be recorded. Alerting: Fix DatasourceUID and RefID missing for
        DatasourceNoData alerts. Alerting: Fix ambiguous handling of equals in
        labels when bucketing Loki state history streams. Alerting: Fix
        attachment of external labels to Loki state history log streams.
        Alerting: Fix creating a recording rule when having multiple
        datasources. Alerting: Fix explore link in alert detail view. Alerting:
        Fix share URL for Prometheus rules on subpath. Alerting: Fix stats that
        display alert count when using unified alerting. Alerting: Hide mute
        timing actions when dealing with vanilla prometheus. Alerting: Paginate
        result previews. Alerting: Prometheus-compatible Alertmanager timings
        editor. Alerting: Update scheduler to get updates only from database.
        Alerting: Use a completely isolated context for state history writes.
        Alerting: Use displayNameFromDS if available in preview. Annotation
        List: Fix panel not updating when variable is changed. Annotations:
        Ignore unique constraint violations for tags. Auth: Fix orgrole picker
        disabled if isSynced user. AzureMonitor: Fix Log Analytics portal
        links. BrowseDashboards: Fix move to General folder not working.
        Catalog: Show install error with incompatible version. Chore: Update
        Grafana to use Alertmanager v0.25.1-0.20230308154952-78fedf89728b.
        CloudMonitoring: Add project selector for MQL editor[fix]. CloudWatch
        Logs: Fix running logs queries with expressions. CloudWatch Logs: Fix
        to make log queries use a relative time if available. CloudWatch Logs:
        Revert "Queries in an expression should run synchronously". CloudWatch:
        Fix cachedQueries insights not being updated for metric queries.
        Cloudwatch: Pass refId from query for expression queries. Dashboards:
        Evaluate provisioned dashboard titles in a backwards compatible way.
        Dashboards: Fix broken internal data links. Database: Don't sleep 10ms
        before every request. Elasticsearch: Fix processing of response with
        multiple group by for alerting. Elasticsearch: Handle multiple
        annotation structures. Email: Mark HTML comments as "safe" in email
        templates. ErrorHandling: Fixes issues with bad error messages.
        ErrorView: Better detection of no-data responses. Explore: Make
        DataSourcePicker visible on small screens. Fix: DataLinks from data
        sources override user defined data link. Fix: Top table rendering and
        update docs. Frontend: Fix broken links in /plugins when pathname has a
        trailing slash. Geomap: Fix route layer zoom behavior. Google Cloud
        Monitoring: Fix project variable. HeatMap: Sort y buckets when all
        bucket names are numeric. InfluxDB: Fix querying with hardcoded
        retention policy. InfluxDB: Fix sending retention policy with InfluxQL
        queries. KVStore: Include database field in migration. LDAP: Always
        synchronize Server Admin role through role sync if role sync is
        enabled. Library panels: Ensure pagination controls are always
        correctly displayed. Loki: Fix autocomplete situations with multiple
        escaped quotes. MegaMenu: Fixes mega menu showing scroll indicator when
        it shouldn't. Navigation: Redirect to root page when switching
        organization. Navigation: Scrolled hamburger menu links now navigate
        correctly in Safari. NestedFolders: Fix nested folder deletion. New
        Panel Header: Fix when clicking submenu item the parent menu item
        onClick get's triggered. Phlare: Fix error when there are no
        profileTypes to send from backend. PieChart: Show long labels properly.
        PluginExtensions: Fixed issue with incorrect type being exposed when
        configuring an extension. Plugins: Ensure proxy route bodies are valid
        JSON. Plugins: Fix width for README pages with tables. Plugins:
        Markdown fetch retry with lowercase. Plugins: Skip instrumenting plugin
        build info for core and bundled plugins. PublicDashboards: Query
        collapsed panels inside rows. Query Splitting: Fix for handling queries
        with no requestId. SQL Datasources: Fix variable throwing error if
        query returns no data. SQL Datasources: Prevent Call Stack Overflows
        with Large Numbers of Values for Variable. SQLStore: Fix SQLite error
        propagation if query retries are disabled. Stat Panel: Fix issue with
        clipping text values. Table Panel: Fix panel migration for options cell
        type. Table: Fix migrations from old angular table for cell color
        modes. Table: Fixes issue with pagination summary causing scrollbar.
        Table: Fixes table panel gauge alignment. TablePanel: Fix table cells
        overflowing when there are multiple data links. TablePanel: fix footer
        bug; no footer calculated values after "hidden" column override.
        Templating: Allow percent encoding of variable with custom all. Tempo:
        Set default limit if none is provided for traceql queries. TimeSeries:
        Don't extend stepped interpolation to graph edges. TimeSeries: Improve
        stacking direction heuristic. Trace View: Update the queryType to
        traceql for checking if same trace when clicking span link. TraceView:
        Don't require preferredVisualisationType to render. Utils: Reimplement
        util.GetRandomString to avoid modulo bias. XYChart: Add all dataset
        columns in tooltip.
  o Plugin development fixes & changes DateTimePicker: Can now select time
    correctly. Grafana UI: Fix tooltip prop of button component.
    DateTimePicker: Add min date support to calendar. GrafanaUI: Implement new
    component Toggletip. ContextMenu: Fix padding and show border based on
  o Update to 9.4.7 (2023-03-16) Alerting: Update scheduler to receive rule
    updates only from database. Influxdb: Re-introduce backend migration
    feature toggle. Security: Fixes for CVE-2023-1410. The InfluxDB backend
    migration feature toggle (influxdbBackendMigration) has been reintroduced
    in this version as issues were discovered with backend processing of
    InfluxDB data. Unless this feature toggle is enabled, all InfluxDB data
    will be parsed in the frontend. This frontend processing is the default
    behavior. In Grafana 9.4.4, InfluxDB data parsing started to be handled in
    the backend. If you have upgraded to 9.4.4 and then added new
    transformations on InfluxDB data, those panels will fail to render. To
    resolve this either: Remove the affected panel and re-create it or edit the
    time field as Time in panel.json or dashboard.json as the exporter toolkit
    has been updated by upstream
  o Install wrapper scripts under /usr/sbin
  o Install actual binaries under /usr/libexec/grafana (or /usr/lib under older
    distributions) and create a simlink for wrapper scripts and the service
    (which expect the binary to be under /usr/share/grafana/bin)
  o Update to 9.4.3 Alerting: Use background context for maintenance function.
  o Update to 9.4.2 Alerting: Fix boolean default in migration from false to 0.
  o Update to 9.4.0 Alerting: Add endpoint for querying state history.
    Alerting: Add label query parameters to state history endpoint. Alerting:
    Add static label to all state history entries. Alerting: Mark AM
    configuration as applied. Azure Monitor: Enable multiple resource queries.
    Query Caching: Add per-panel query caching TTL. Table: Add row number
    column option. Tempo: Remove tempoApmTable feature flag. Transformations:
    Selectively apply transformation to queries. AccessControl: Clear user
    permission cache for update org user role. Alerting: Fix handling of
    special floating-point cases when writing observed values to annotations.
    Auth: Rotate token patch. ContextMenu: Consider y coord when determining
    bottom collision. Elasticsearch: Fix consistent label order in alerting.
    Explore: Fix graph not updating when changing config. Heatmap: Support
    heatmap rows with non-timeseries X axis. Login: Fix panic when a user is
    upserted by a background process. MSSQL: Add support for macro function
    calls. MySQL: Quote identifiers that include special characters.
    Navigation: Sign in button now works correctly when served under a sub
    path. Nested Folder: Fix for SQLite not to overwrite the parent on
    restarts. PanelChrome: Adds display mode to support transparent option.
    Plugins: Case-sensitive routes for standalone pages. Plugins: Prefer to use
    the data source UID when querying. SQLStore: Fix folder migration for MySQL
    < 5.7. Search: Fix not being able to clear sort value. Tempo: Fix span name
    being dropped from the query. PanelChrome: Implement hover header.
  o Update to 9.3.7 Alerting: Validate that tags are 100 characters or less.
    Expressions: Fixes the issue showing expressions editor. Logs: Fix stats
    not being updated when log results change. Plugins: Fix circular reference
    in customOptions leading to MarshalJSON errors. Time Series Panel: Fix
    legend text selection in Firefox.
  o Update to 9.3.6 QueryEditorRow: Fixes issue loading query editor when data
    source variable selected.
  o Update to 9.3.4 Prometheus: Add default editor configuration. TextPanel:
    Refactor to functional component. Alerting: Fix webhook to use correct key
    for decrypting token. Alerting: Set error annotation on EvaluationError
    regardless of underlying error type. Datasources: Fix Proxy by UID Failing
    for UIDs with a Hyphen. Fix creating of span link with no tags.
    Elasticsearch: Fix failing requests when using SigV4. Elasticsearch: Fix
    toggle-settings are not shown correctly. Explore: Be sure time range key
    bindings are mounted after clear. Explore: Unsync time ranges when a pane
    is closed. Logs: Lines with long words do not break properly. Loki: Fix
    misaligned derived fields settings. Query Builder: Fix max width of input
    component to prevent overflows. Search: Auto focus input elements. Search:
    Fix empty folder message showing when by starred dashboards. Table Panel:
    Fix image of image cell overflowing table cell and cells ignoring text
    alignment setting when a data link is added.
  o Update to 9.3.2 Graphite: Process multiple queries to Graphite plugin. API:
    Fix delete user failure due to quota not enabled. Accessibility: Improved
    keyboard accessibility in BarGauge. Accessibility: Improved keyboard
    accessibility in BigValue. Alerting: Use the QuotaTargetSrv instead of the
    QuotaTarget in quota check. AzureMonitor: Automate location retrieval.
    AzureMonitor: Fix bad request when setting dimensions. BarChart: Fix value
    mappings. Build: Streamline and sync dockerfiles. Build: Unified dockerfile
    for all builds. CloudWatch: Fix - make sure dimensions are propagated to
    alert query editor. Cloudwatch: Fix deeplink with default region. Command
    Palette: Fix not being able to type if triggered whilst another modal is
    open. Command Palette: Maintain page state when changing theme. Dashboards:
    Fix 'Make Editable' button not working in Dashboard Settings. Dashboards:
    Show error when data source is missing. Datasource: Fix - apply default
    query also to queries in new panels. Dropdown: Menu now closes correctly
    when selecting options on touch devices. Influx: Query segment menus now
    position correctly near the bottom of the screen. Login: Fix failure to
    login a new user via an external provider if quota are enabled. Loki/
    Prometheus: Fix wrong queries executed in split view. Loki: Fix wrongly
    escaped label values when using LabelFilter. Navigation: Prevent app crash
    when importing a dashboard with a uid of home . Panel Edit: Fix data links
    edit icons being off screen when provided title is too long. Prometheus:
    Fix exemplar fill color to match series color in time series. Prometheus:
    Fix exemplars not respecting corresponding series display status.
    StateTimeline: Fix negative infinity legend/tooltip from thresholds. Table:
    Fixes row border style not showing and colored rows blending together.
    Tempo: Fix TraceQL autocomplete issues. TimePicker: Prevent TimePicker
    overflowing viewport on small screens. TimeRangePicker: Fix recently ranges
    only not showing all recent ranges. TimeZonePicker: Scroll menu correctly
    when using keyboard controls.
  o Update to 9.3.1 Connections: Update "Your connections/Data sources" page.
    Accessibility: Increase badge constrast to be WCAG AA compliant.
  o Update to 9.3.0 Alerting: Enable interpolation for notification policies in
    file provisioning. Azure Monitor Logs: Avoid warning when the response is
    empty. Azure Monitor: Add support to customized routes. Canvas: Add icon
    value mapping. CloudWatch: Cross-account querying support. Docs: Update
    merge-pull-request.md regarding backport policies. GaugePanel: Setting the
    neutral-point of a gauge. Geomap: Improve location editor.
    Internationalization: Enable internationalization by default. Logs: Add
    Download logs button to log log-browser. Loki: Add gzip compression to
    resource calls. Loki: Add improvements to loki label browser. Loki: Make
    label browser accessible in query builder. Loki: Remove raw query toggle.
    Middleware: Add CSP Report Only support. Navigation: Prevent viewer role
    accessing dashboard creation, import and folder creation. OAuth: Refactor
    OAuth parameters handling to support obtaining refresh tokens for Google
    OAuth. Oauth: Display friendly error message when role_attribute_strict=
    true and no valid role found. Preferences: Add confirmation modal when
    saving org preferences. PublicDashboards: Orphaned public dashboard
    deletion script added. Query Editor: Hide overflow for long query names.
    Solo Panel: Configurable timezone. TablePanel: Add support for Count
    calculation per column or per entire dataset. Tempo: Send the correct start
    time when making a TraceQL query. Various Panels: Remove beta label from
    Bar Chart, Candlestick, Histogram, State Timeline, & Status History Panels.
    Access Control: Clear user's permission cache after resource creation.
    Accessibility: Improve keyboard accessibility in AnnoListPanel .
    Accessibility: Improve keyboard accessibility in Collapse . GettingStarted
    panel. Accessibility: Improve keyboard accessibility of FilterPill . Admin:
    Fix broken links to image assets in email templates. Azure Monitor: Fix
    namespace selection for storageaccounts. Calcs: Fix difference percent in
    legend. DataLinks: Improve Data-Links AutoComplete Logic. Explore: Fix a11y
    issue with logs navigation buttons. Heatmap: Fix blurry text & rendering.
    Heatmap: Fix tooltip y range of top and bottom buckets in calculated
    heatmaps. Logs: Fix misalignment of LogRows. Navigation: Stop clearing
    search state when opening a result in a new tab. OptionsUI:
    SliderValueEditor does not get auto focused on slider change. PanelEdit:
    Fixes bug with not remembering panel options pane collapse/expand state.
    Quota: Fix failure in store due to missing scope parameters. Quota: Fix
    failure when checking session limits. StateTimeline: Prevent label text
    from overflowing state rects. Tempo: Fix search table duration unit.
    TraceView: Fix broken rendering when scrolling in Dashboard panel in
    Firefox. GrafanaUI: Add disabled option for menu items.
  o Update to 9.2.4 Access Control: Add an endpoint for setting several managed
    resource permissions. Accessibility: Increase Select placeholder contrast
    to be WCAG AA compliant. Alerting: Append org ID to alert notification
    URLs. Alerting: Make the Grouped view the default one for Rules. Build:
    Remove unnecessary alpine package updates. Google Cloud Monitoring: Set
    frame interval to draw null values. Instrumentation: Expose when the binary
    was built as a gauge. Loki: Preserve X-ID-Token header. Search: Reduce
    requests in folder view. TimeSeries: More thorough detection of negative
    values for auto-stacking direction. Alerting: Attempt to preserve UID from
    migrated legacy channel. Alerting: Fix response is not returned for invalid
    Duration in Provisioning API. Alerting: Fix screenshot is not taken for
    stale series. Auth: Fix admins not seeing pending invites. MSSQL/Postgres:
    Fix visual query editor filter disappearing. Tempo: Fix dropdown issue on
    tag field focus. Timeseries: Fix null pointer when matching fill below to
    field. Toolkit: Fix Webpack less-loader config.
  o Update to 9.2.3 Docs: Add information about DB version support to upgrade
    guide. Footer: Update footer release notes link to Github changelog.
    Prometheus: Do not drop errors in streaming parser. Prometheus: Flavor/
    version configuration. Prometheus: Provide label values match parameter API
    when supported prometheus instance is configured. Security: Upgrade x/text
    to version unaffected by CVE-2022-32149. Auth: Fix GF_AUTH_JWT_URL_LOGIN
    env variable doesn't work. Live: Explicitly reply with http 200.
    Prometheus: Fix builder operation mode changing multiselect to single
    select behaviour. Security: Fix vulnerabilities in webpack loader-utils.
  o Update to 9.2.2 Alerting: Add support for wecom apiapp. Canvas: Improve
    resource picker initialization. Canvas: Improve text element readability.
    CloudWatch: Make sure adoption tracking is done on valid, migrated queries.
    Dashboard: Alerts user to incorrect tag format for JSON import. MSSQL:
    Support tables from all schemas. Opentsdb: Allow template variables for
    filter keys. QueryEditor: Revert components from grafana-ui. Browse: Fix
    General folder not showing in FolderPicker. Elasticsearch: Fix calculation
    of trimEdges in alert mode. Elasticsearch: Fix trimEdges delete logic in
    alert mode. GoogleOAuth: Unlock User Admin UI. LogContext: Fix wrong color
    of show context icon in light theme. Loki: Fix adding of adhoc filters to
    stream selector when query with empty stream selector. Loki: Fix double
    stringified log-lines when copied via Copy button. Loki: Fix explain
    section about $__interval variable. Loki: Remove already selected options
    from next label filter options in builder. NodeGraph: Fix rendering issues
    when values of arc are over 1. PublicDashboards: Fix hidden queries
    execution. Tempo: Fix Node Graph visualization type in dashboard.
    TimeSeries: Fix stacking when first value is negative zero.
    TimeseriesPanel: Fix variables in data links. User: Fix externalUserId not
    being populated. We added some components a bit too early to @grafana/ui in
    9.2 so we are moving them back to @grafana/experimental. If you used any of
    these components AccessoryButton EditorFieldGroup EditorHeader EditorField
    EditorRow EditorList EditorRows EditorSwitch FlexItem Stack InlineSelect
    InputGroup Space Please use them from grafana/experimental from now on.
  o Update to 9.2.1 Alerting: Improve notification policies created during
    migration. AzureAD: Add option to force fetch the groups from the Graph
    API. Docs: Note end of release notes publication. Inspect: Handle JSON tab
    crash when the provided object is too big to stringify. TablePanel: Footer
    now updates values on column filtering. Alerting: Fix email image embedding
    on Windows. Alerting: Fix mathexp.NoData for ConditionsCmd. Legacy
    Alerting: Fix duration calculation when testing a rule. Loki: Propagate
    additional headers from Grafana to Loki when querying data. Search: Sort
    alphabetically in the folder view, increase the limit of the folder search
    from 50 to 1000. TablePanel: Fix last table column to be centered. Grafana
    UI: Export prop types for queryfield, modal and field components. Toolkit:
    Fix Cannot use import statement outside... error in tests.
  o Update to 9.2.0 Alerting: Add Notification error feedback on contact points
    view. Alerting: Allow created by to be manually set when there's no creator
    for silences. Alerting: Expose info about notification delivery errors in a
    new /receivers endpoint. Alerting: Update imported prometheus alertmanager
    version. Alerting: Write and Delete multiple alert instances. Core:
    Implement aria attributes for query rows, improve a11y. DevEnv: Adds docker
    block for clickhouse. Docker: removes unneccesary use of edge repo.
    Explore: Revert split pane resize feature. Frontend: Make local storage
    items propagate to different tabs immediately. PublicDashboards: Allow
    disabling an existent public dashboard if it. QueryEditorRow: Only pass
    error to query editor if panel is not in a loading state. XYChart: Beta
    release. Alerting: Start ticker only when scheduler starts. Alerting: Fix
    pq: missing FROM-clause for table "a". AzureMonitor: Correctly update
    subscriptions value in ARG editor. Chore: Regenerate swagger specification
    and fix validation failures. Correlations: Only return correlation for
    which both source and target datasources exist. Explore: Prevent panes from
    disappearing when resizing window in split view. Links: Fix opening links
    from different orgs on the same tab. LogContext: Fix scroll position in
    upper context group. Logs: Show copy button independently from context.
    Loki/Prometheus: Fix adding of ad hoc filters when jumping from dashboard
    to explore. Loki: Add support for range aggregations with by grouping.
    Loki: Fix label-value escaping in context query. Loki: Fix redundant
    escaping in adhoc filter with regex match. PanelEdit: Fixes resize pane
    border and spacing issues. RBAC: Redirect to /login when forceLogin is set.
    Security: Fix CVE-2022-27664. StateTimeline: Fix tooltip showing
    erroneously in shared crosshair dashboards. Tempo: Fix unexpected trimming
    of leading zeroes in traceID. Tracing: Fix bug where errors are not
    reported to OpenTelemetry.
  o Update to 9.1.8 Alerting: Fix evaluation interval validation. Alerting: Fix
    migration to create rules with group index 1. Alerting: Fix migration to
    not add label "alertname". Azure Monitor: Fix empty Logs response for
    Alerting. Azure Monitor: Fix subscription selector when changing data
    sources. Google Cloud Monitoring: Fix bucket bound for distributions.
  o Update to 9.1.7 CloudWatch: Add missing AWS/Prometheus metrics. Explore:
    Add feature tracking events. Graphite: Add error information to graphite
    queries tracing. Prometheus: Restore FromAlert header. Search: Add search
    index configuration options. Thresholds: Add option for dashed line style.
    Alerting: Fix default query's data source when no default datasource
    specified. Alerting: Fix mathexp.NoData cannot be reduced. Alerting: Skip
    unsupported file types on provisioning. AzureMonitor: Ensure resourceURI
    template variable is migrated. Dashboard: Fix plugin dashboard save as
    button. Docs: Fix decimals: auto docs for panel edit. Fix: RBAC handle
    error no resolver found. LibraryPanelSearch: Refactor and fix hyphen issue.
    Live: Fix live streaming with live-service-web-worker feature flag enabled.
    QueryField: Fix wrong cursor position on autocomplete.
  o Update to 9.1.6 DataSource: Adding possibility to hide queries from the
    inspector. Inspect: Hide Actions tab when it is empty. PanelMenu: Remove
    hide legend action as it was showing on all panel types. Provisioning
    Contact points: Support disableResolveMessage via YAML. PublicDashboards:
    Support subpaths when generating pubdash url. Alerting: Fix legacy
    migration crash when rule name is too long. Alerting: Fix send resolved
    notifications. Azure Monitor: Fix migration issue with
    MetricDefinitionsQuery template variable query types. Browse: Hide
    dashboard actions if user does not have enough permission. ElasticSearch:
    Fix dispatching queries at a wrong time. Panel: Disable legends when
    showLegend is false prior to schema v37. Prometheus: Fix metadata requests
    for browser access mode. Search: Avoid requesting all dashboards when in
    Folder View. TablePanel/StatPanel: Fix values not being visible when
    background transparent.
  o Update to 9.1.5 Alerting: Sanitize invalid label/annotation names for
    external alertmanagers. Alerting: Telegram: Truncate long messages to avoid
    send error. DisplayProcessor: Handle reverse-ordered data when auto-showing
    millis. Heatmap: Add option to reverse color scheme. PluginLoader: Alias
    slate-react as @grafana/slate-react. Search: Add substring matcher, to
    bring back the old dashboard search behavior. Traces: More visible span
    colors. Alerting: Fix incorrect propagation of org ID and other fields in
    rule provisioning endpoints. Alerting: Resetting the notification policy
    tree to the default policy will also restore default contact points.
    AzureMonitor: Fix custom namespaces. AzureMonitor: Fix issue where custom
    metric namespaces are not included in the metric namespace list.
    CloudWatch: Fix display name of metric and namespace. Cloudwatch: Fix
    annotation query serialization issue. Dashboard: Fix issue where unsaved
    changes warning would appear even after save, and not being able to change
    library panels. Dashboard: Hide overflow content for single left pane.
    Loki: Fix a bug where adding adhoc filters was not possible.
  o Update to 9.1.4 GrafanaUI: Fixes Chrome issue for various query fields.
  o Update to 9.1.3 API: Do not expose user input in datasource error
    responses. Library Panel: Allow to delete them when deprecated. Plugins
    Catalog: Allow to filter plugins using special characters. Alerting: Fix UI
    bug when setting custom notification policy group by. AppRootPage: Fix
    issue navigating between two app plugin pages. Correlations: Use correct
    fallback handlers. RBAC: Fix deleting empty snapshots. LibraryElements: Fix
    inability to delete library panels under MySQL. Metrics: fix
    grafana_database_conn_* metrics, and add new go_sql_stats_* metrics as
    eventual replacement. TestData DB: Fix node graph not showing when the Data
    type field is set to random .
  o Deprecations The grafana_database_conn_* metrics are deprecated, and will
    be removed in a future version of Grafana. Use the go_sql_stats_* metrics
  o Update to 9.1.2 AdHoc variable: Correctly preselect datasource when
    provisioning. AzureMonitor: Added ARG query function for template
    variables. Dashboards: Persist details message when navigating through
    dashboard save drawer's tabs. Dashboards: Correctly migrate mixed data
    source targets. Elasticsearch: Use millisecond intervals for alerting.
    Elasticsearch: Use millisecond intervals in frontend. Geomap: Local color
    range. Plugins Catalog: Use appSubUrl to generate plugins catalog urls.
    Rendering: Add support for renderer token. Alerting: Fix saving of
    screenshots uploaded with a signed url. AngularPanels: Fixing changing
    angular panel options not taking having affect when coming back from panel
    edit. Explore: Improve a11y of query row collapse button. Geomap: Fix
    tooltip display. QueryEditorRow: Filter data on mount. Search: Show all
    dashboards in the folder view. Tracing: Fix the event attributes in
    opentelemetry tracing. GrafanaUI: Fix styles for invalid selects &
  o Update to 9.1.1 Cloud Monitoring: Support SLO burn rate. Schema: Restore
    "hidden" in LegendDisplayMode. Timeseries: Revert the timezone(s) property
    name change back to singular. Alerting: Fix links in Microsoft Teams
    notifications. Alerting: Fix notifications for Microsoft Teams. Alerting:
    Fix width of Adaptive Cards in Teams notifications. ColorPickerInput: Fix
    popover in disabled state. Decimals: Fixes auto decimals to behave the same
    for positive and negative values. Loki: Fix unique log row id generation.
    Plugins: Fix file extension in development authentication guide.
    TimeSeries: Fix jumping legend issue. TimeSeries: Fix memory leak on viz
    re-init caused by KeyboardPlugin. TimePicker: Fixes relative timerange of
    less than a day not displaying. GrafanaUI: Fixes ClipboardButton to always
    keep multi line content.
  o Update to 9.1.0 API: Allow creating teams with a user defined identifier.
    Alerting: Adds interval and For to alert rule details. Alerting: Extend PUT
    rule-group route to write the entire rule group rather than top-level
    fields only. Alerting: Use Adaptive Cards in Teams notifications. Azure
    Monitor: Add Network Insights Dashboard. Chore: Improve logging of
    unrecoverable errors. Correlations: Add UpdateCorrelation HTTP API.
    Dashboard: Reverted the changes of hiding multi-select and all variable in
    the datasource picker. Geomap: Add alpha day/night layer. Geomap: Add
    measuring tools. GrafanaUI: Add success state to ClipboardButton. Heatmap:
    Replace the heatmap panel with new implementation. KVStore: Allow empty
    value in kv_store. Prometheus: Promote Azure auth flag to configuration.
    Search: Display only dashboards in General folder of Search Folder View.
    Status history/State timeline: Support datalinks. Transform: Add a limit
    transform. Transformations: Add standard deviation and variance reducers.
    API: Fix snapshot responses. Access Control: Fix permission error during
    dashboard creation flow. Access Control: Set permissions for Grafana's test
    data source. Alerting: Fix migration failure. BarGauge: Show empty bar when
    value, minValue and maxValue are all equal. Dashboard: Fix color of bold
    and italics text in panel description tooltip. Loki: Fix passing of query
    with defaults to code mode. Loki: Fix producing correct log volume query
    for query with comments. Loki: Fix showing of unusable labels field in
    detected fields. Tracing: Fix OpenTelemetry Jaeger context propagation.
    Alerting: AlertingProxy to elevate permissions for request forwarded to
    data proxy when RBAC enabled. Plugins: Only pass rootUrls field in request
    when not empty. Alert notifications to Microsoft Teams now use Adaptive
    Cards instead of Office 365 Connector Cards. Starting at 9.1.0, existing
    heatmap panels will start using a new implementation. This can be disabled
    by setting the useLegacyHeatmapPanel feature flag to true. It can be tested
    on a single dashbobard by adding ?__feature.useLegacyHeatmapPanel=true to
    any dashboard URL. The most notable changes are: Significantly improved
    rendering performance When calculating heatmaps, the buckets are now placed
    on reasonable borders (1m, 5m, 30s etc) Round cells are no longer supported
  o Update to 9.0.9 AuthNZ: Security fixes for CVE-2022-35957 and
  o Update to 9.0.8 Alerting: Hide "no rules" message when we are fetching from
    data sources. Alerting: AlertingProxy to elevate permissions for request
    forwarded to data proxy when RBAC enabled.
  o Update to 9.0.7 CloudMonitoring: Remove link setting for SLO queries.
    GrafanaUI: Render PageToolbar's leftItems regardless of title's presence.
  o Update to 9.0.6 Access Control: Allow org admins to invite new users to
    their organization. Grafana/toolkit: Fix incorrect image and font
    generation for plugin builds. Prometheus: Fix adding of multiple values for
    regex operator. UI/Card: Fix card items always having pointer cursor.
  o Update to 9.0.5 Access control: Show dashboard settings to users who can
    edit dashboard. Alerting: Allow the webhook notifier to support a custom
    Authorization header. Plugins: Add signature wildcard globbing for
    dedicated private plugin type. Prometheus: Don't show errors from
    unsuccessful API checks like rules or exemplar checks. Access control:
    Allow organisation admins to add existing users to org. Alerting: Fix alert
    panel instance-based rules filtering. Apps: Fixes navigation between
    different app plugin pages. Cloudwatch: Upgrade grafana-aws-sdk to fix auth
    issue with secret keys. Loki: Fix show context not working in some
    occasions. RBAC: Fix permissions on dashboards and folders created by
    anonymous users.
  o Update to 9.0.4 Browse/Search: Make browser back work properly when
    visiting Browse or search. Logs: Improve getLogRowContext API. Loki:
    Improve handling of empty responses. Plugins: Always validate root URL if
    specified in signature manfiest. Preferences: Get home dashboard from
    teams. SQLStore: Support Upserting multiple rows. Traces: Add more template
    variables in Tempo & Zipkin. Traces: Remove serviceMap feature flag. Access
    Control: Fix missing folder permissions. Access control: Fix org user
    removal for OSS users. Alerting: Fix Slack notifications. Alerting:
    Preserve new-lines from custom email templates in rendered email. Log: Fix
    text logging for unsupported types. Loki: Fix incorrect TopK value type in
    query builder.
  o Update to 9.0.3 Access Control: Allow dashboard admins to query org users.
    Alerting: Add method to provisioning API for obtaining a group and its
    rules. Alerting: Allow filtering of contact points by name. Alerting:
    Disable /api/admin/pause-all-alerts with Unified Alerting. Annotations: Use
    point marker for short time range annotations. AzureMonitor: Update UI to
    experimental package. AzureMonitor: Update resource and namespace metadata.
    CloudWatch: Remove simplejson in favor of 'encoding/json'. DashboardRow:
    Collapse shortcut prevent to move the collapsed rows. Navigation: Highlight
    active nav item when Grafana is served from subpath. Plugins: InfluxDB
    datasource - set epoch query param value as "ms". Plugins: InfluxDB update
    time range query. StateTimeline: Try to sort time field. API: Do not
    validate/save legacy alerts when saving a dashboard if legacy alerting is
    disabled. Alerting: Add method to reset notification policy tree back to
    the default. Alerting: Fix Teams notifier not failing on 200 response with
    error. Alerting: Fix bug where state did not change between Alerting and
    Error. Alerting: Fix consistency errors in OpenAPI documentation. Alerting:
    Fix normalization of alert states for panel Alerting: Provisioning API
    respects global rule quota. CSRF: Fix additional headers option. Chore:
    Bump parse-url to 6.0.2 to fix security vulnerabilities. Chore: Fix
    CVE-2020-7753. Chore: Fix CVE-2021-3807. Chore: Fix CVE-2021-3918. Chore:
    Fix CVE-2021-43138. Chore: Fix CVE-2022-0155. Dashboard: Fixes tooltip
    issue with TimePicker and Setting buttons. Dashboard: Prevent unnecessary
    scrollbar when viewing single panel. Logs: Fixed wrapping log lines from
    detected fields. Loki: Add missing operators in label filter expression.
    Loki: Fix error when changing operations with different parameters. Loki:
    Fix suggesting of correct operations in query builder. Plugins: InfluxDB
    variable interpolation fix for influxdbBackendMigration feature flag.
    SQLstore: Fix fetching an inexistent playlist. Security: Fixes for
    CVE-2022-31107 and CVE-2022-31097. Snapshots: Fix deleting external
    snapshots when using RBAC. Table: Fix scrollbar being hidden by pagination.
    Templating: Changing between variables with the same name now correctly
    triggers a dashboard refresh. Time series panel: Fix an issue with stacks
    being not complete due to the incorrect data frame length.
  o Update to 9.0.2 Alerting: Add support for images in Pushover alerts.
    Alerting: Don't stop the migration when alert rule tags are invalid.
    Alerting: Skip the default data source if incompatible. AzureMonitor: Parse
    non-fatal errors for Logs. OAuth: Restore debug log behavior. Plugins:
    Improved handling of symlinks. Alerting: Code-gen parsing of URL parameters
    and fix related bugs. Annotations: Fix annotation autocomplete causing
    panels to crash. Barchart: Fix warning not showing. CloudWatch: Enable
    custom session duration in AWS plugin auth. Dashboards: Fixes issue with
    the initial panel layout counting as an unsaved change. Plugins: Use a
    Grafana specific SDK logger implementation for core plugins. Search: Fix
    pagination in the new search page.
  o Update to 9.0.1 Alerting: Add support for image annotation in Alertmanager
    alerts. Alerting: Add support for images in SensuGo alerts. Alerting: Add
    support for images in Threema alerts. Alerting: Adds Mimir to Alertmanager
    data source implementation. Alerting: Invalid setting of enabled for
    unified alerting should return error. AzureMonitor: Clean namespace when
    changing the resource. AzureMonitor: Update supported namespaces and filter
    resources by the right type. CLI: Allow relative symlinks in zip archives
    when installing plugins. Dashboard: Don't show unsaved changes modal for
    automatic schema changes. Dashboard: Unsaved changes warning should not
    trigger when only pluginVersion has changed. Expression: Execute hidden
    expressions. Geomap: Support showing tooltip content on click (not just
    hover). Heatmap: Remove alpha flag from new heatmap panel. Instrumentation:
    Define handlers for requests that are not handled with named handlers. Log
    Panel: Improve log row hover contrast and visibility. Logs: Handle
    backend-mode errors in histogram. Loki: Do not show histogram for instant
    queries. Loki: Handle data source configs with path in the url. Loki:
    Handle invalid query type values. OAuth: Redirect to login if no oauth
    module is found or if module is not configured. OptionsUI: Move internal
    options editors out of @grafana/ui. Prometheus: Don't show undefined for
    step in collapsed options in query editor when value is "auto". Prometheus:
    Show query patterns in all editor modes for Prometheus and Loki. Tempo: Add
    link to Tempo Search with node service selected. Time Series Panel: Add
    Null Filling and "No Value" Support. TimeSeries: Add an option to set
    legend width. Timeseries: Improve cursor Y sync behavior. Traces: Do not
    use red in span colors as this looks like an error. Alerting: Fix AM config
    overwrite when SQLite db is locked during sync. Alerting: Fix alert
    instances filtering for prom rules. Alerting: Fix alert rule page crashing
    when datasource contained URL unsafe characters. Alerting: Fix
    automatically select newly created folder option. Alerting: Fix removal of
    notification policy without labels matchers. CloudWatch: Allow hidden
    queries to be executed in case an ID is provided. Dashboard: Prevent
    non-repeating panels being dropped from repeated rows when collapsed/
    expanded. Dashboards: Fix folder picker not showing correct results when
    typing too fast. Datasource: Prevent panic when proxying for non-existing
    data source. Explore: Fix log context scroll to bottom. Explore: Revert
    "Remove support for compact format URLs". Expressions: Fixes dashboard
    schema migration issue that casued Expression datasource to be set on panel
    level. Formatting: Fixes valueFormats for a value of 0. GrafanaData: Fix
    week start for non-English browsers. LibraryPanel: Resizing a library panel
    to 6x3 no longer crashes the dashboard on startup. LogRow: Fix placement of
    icon. Loki: Fix bug in labels framing. Loki: Fix issues with using query
    patterns. Loki: Fix showing of duplicated label values in dropdown in query
    builder. MSSQL: Fix ParseFloat error. Panels: Fixes issue with showing
    'Cannot visualize data' when query returned 0 rows. Playlists: Disable
    Create Playlist buttons for users with viewer role. Plugins: Fix typo in
    plugin data frames documentation. Prometheus: Fix body not being included
    in resource calls if they are POST. RolePicker: Fix submenu position on
    horizontal space overflow. Tracing: Fix trace links in traces panel.
    Support for compact Explore URLs is deprecated and will be removed in a
    future release. Until then, when navigating to Explore using the deprecated
    format the URLs are automatically converted. If you have existing links
    pointing to Explore update them using the format generated by Explore upon
    navigation. You can identify a compact URL by its format. Compact URLs have
    the left (and optionally right) url parameter as an array of strings, for
    example &left=["now-1h","now"...] . The standard explore URLs follow a key/
    value pattern, for example &left={"datasource":"test"...} . Please be sure
    to check your dashboards for any hardcoded links to Explore and update them
    to the standard URL pattern.
  o Update to 9.0.0 API: Add GET /api/annotations/:annotationId endpoint. API:
    Add endpoint for updating a data source by its UID. AccessControl: Add
    enterprise only setting for rbac permission cache. AccessControl: Document
    basic roles changes and provisioning V2. AccessControl: Enable RBAC by
    default. AddDataSourceConfig: Remove deprecated checkHealth prop. Alerting:
    Add Image URLs to Microsoft Teams notifier. Alerting: Add RBAC actions and
    role for provisioning API routes. Alerting: Add Screenshot URLs to
    Pagerduty Notifier. Alerting: Add a "Reason" to Alert Instances to show
    underlying cause of state. Alerting: Add a general screenshot service and
    alerting-specific image service. Alerting: Add image url or file attachment
    to email notifications. Alerting: Add image_urls to OpsGenie notification
    details. Alerting: Add notification policy flow chart. Alerting: Attach
    image URL to alerts in Webhook notifier format. Alerting: Attach image URLs
    or upload files to Discord Alerting: Attach image URLs to Google Chat
    notifications. Alerting: Attach screenshot data to Unified Alerting
    Alerting: Create folder for alerting when start from the scratch. Alerting:
    Modify alertmanager endpoints for proxying using the datasource UID.
    Alerting: Modify endpoint for testing a datasource rule using the UID.
    Alerting: Modify prometheus endpoints for proxying using the datasource
    UID. Alerting: State Manager takes screenshots. Alerting: Use UID scope for
    folders authorization. Alerting: modify ruler endpoints for proxying using
    the datasource UID. Angular: Adds back two angular directives that are
    still used by remaining angular bits and plugins. Azure Monitor: Add
    Resource Picker to Metrics Queries. Azure Monitor: Add search feature to
    resource picker. AzureMonitor: Add support for selecting multiple options
    when using the equals and not equals dimension filters. AzureMonitor:
    Remove deprecated code. Build: Change names to PascalCase to match. Chore:
    Remove deprecated DataSourceAPI methods. Chore: Upgrade typescript to
    4.6.4. Cloud Monitoring: Use new annotation API. CloudMonitoring: Allow to
    set a custom value or disable graph_period. CloudWatch: Add generic filter
    component to variable editor. CloudWatch: Added missing AWS/AppRunner
    metrics. CloudWatch: Enable support for dynamic labels with migrated alias
    patterns. Cloudwatch: Pass label in deep link. Cloudwatch: Use new
    annotation API. Dashboard: Validate dashboards against schema on save.
    DashboardPickerByID: Add option to exclude dashboards. DashboardPickerById:
    Add optionLabel prop. Dashboards: Display values of 0 with the configured
    decimal places. Data: Remove deprecated types and functions from
    valueMappings. Elasticsearch: Remove browser access mode. Elasticsearch:
    Remove support for versions after their end of the life (<7.10.0).
    Encryption: Add support for multiple data keys per day. Encryption: Enable
    envelope encryption by default. Explore: Remove support for legacy, compact
    format URLs. Explore: Skip Angular error handling when Angular support is
    disabled. Explore: simplify support for multiple query editors.
    FeatureToggles: Support changing feature toggles with URL parameters.
    FileUpload: Make component accessible by keyboard navigation. Formatting:
    Make SI number formats more robust. Graph: Deprecate Graph (old) and make
    it no longer a visualization option for new panels. IconButton: IconButtons
    are now correctly aligned in Safari. Logger: Enable new logging format by
    default. Loki: Add more query patterns. Loki: Enable new visual query
    builder by default. Loki: use the same dataframe-format for both live and
    normal queries. OAuth: Make allowed email domain case insensitive. Panels:
    Use the No value option when showing the no data message. Plugins: Remove
    plugin list panel. Query History: Enable new query history by default.
    QueryEditorRow: Show query errors next to query in a consistent way across
    Grafana. SAML: Implement Name Templates for assertion_attribute_name
    option. Service accounts: Do not display service accounts assigned to team.
    Settings: Use Grafana Azure SDK to pass Azure env vars for external
    plugins. Shortcuts: Add shortcut to show shortcuts to the list of
    shortcuts. Traces Panel: Add new Traces Panel visualization. Traces: Filter
    by service/span name and operation in Tempo and Jaeger. Transformations:
    Allow more complex regex expressions in Rename by regex . grafana/ui: Add
    default type="button" to <Button>. Alerting: Fix database unavailable
    removes rules from scheduler. AzureMonitor: Fix auto-selection of
    time-grain for metrics. DataSources: Fixes issue with expressions not being
    queried. GraphNG: Fix thresholds by color not following data update.
    Jaeger: Update operations dropdown. Login: Fix mismatching label on
    auth_module in user list. Playlists: Save button now correctly creates a
    new playlist. RBAC: Fix migrations running in the wrong order causing
    inheritance problem in enterprise. ServiceAccounts: Add identifiable token
    prefix to service account tokens. Traces: Fix missing CopyButton on
    KeyValueTables and overlapping of panels. setExploreQueryField ,
    setExploreMetricsQueryField and setExploreLogsQueryField are now deprecated
    and will be removed in a future release. If you need to set a different
    query editor for Explore, conditionally render based on props.app in your
    regular query editor. Chore: Remove react-testing-lib from bundles. Select:
    Portal menu by default. The @grafana/ui package helper function
    selectOptionInTest used in frontend tests has been removed as it caused
    testing libraries to be bundled in the production code of Grafana. If you
    were using this helper function in your tests please update your code
    accordingly: js // before import { selectOptionInTest } from '@grafana/ui';
    // ...test usage await selectOptionInTest(selectEl, 'Option 2'); // after
    import { select } from 'react-select-event'; await select(selectEl, 'Option
    2', { container: document.body }); Removed deprecated checkHealth prop from
    the @grafana/e2e addDataSource config. Previously this value defaulted to
    false , and has not been used in end-to-end tests since Grafana 8.0.3.
    Removes the deprecated LegacyBaseMap , LegacyValueMapping , LegacyValueMap
    , and LegacyRangeMap types, and getMappedValue function from grafana-data.
    Migration is as follows: | Old | New | | -------------------- |
    ----------------------- | | LegacyBaseMap | MappingType | |
    LegacyValueMapping | ValueMapping | | LegacyValueMap | ValueMap | |
    LegacyRangeMap | RangeMap | | getMappedValue | getValueMappingResult | This
    change fixes a bug in Grafana where intermittent failure of database,
    network between Grafana and the database, or error in querying the database
    would cause all alert rules to be unscheduled in Grafana. Following this
    change scheduled alert rules are not updated unless the query is
    successful. The get_alert_rules_duration_seconds metric has been renamed to
    schedule_query_alert_rules_duration_seconds . Any secret (data sources
    credential, alert manager credential, etc, etc) created or modified with
    Grafana v9.0 won't be decryptable from any previous version (by default)
    because the way encrypted secrets are stored into the database has changed.
    Although secrets created or modified with previous versions will still be
    decryptable by Grafana v9.0. If required, although generally discouraged,
    the disableEnvelopeEncryption feature toggle can be enabled to keep
    envelope encryption disabled once updating to Grafana In case of need to
    rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any
    reason, after being created or modified any secret with Grafana v9.0, the
    envelopeEncryption feature toggle will need to be enabled to keep backwards
    compatibility (only from v8.3.x a bit unstable, from 8.5.x stable). As a
    final attempt to deal with issues related with the aforementioned
    situations, the grafana-cli admin secrets-migration rollback command has
    been designed to move back all the Grafana secrets encrypted with envelope
    encryption to legacy encryption. So, after running that command it should
    be safe to disable envelope encryption and/or roll back to a previous
    version of Grafana. Alternatively or complementarily to all the points
    above, backing up the Grafana database before updating could be a good idea
    to prevent disasters (although the risk of getting some secrets corrupted
    only applies to those updates/created with after updating to Grafana v9.0).
    According to the dynamic labels documentation, you can use up to five
    dynamic values per label. There's currently no such restriction in the
    alias pattern system, so if more than 5 patterns are being used the
    GetMetricData API will return an error. Dynamic labels only allow \${LABEL}
    to be used once per query. There's no such restriction in the alias pattern
    system, so in case more than 1 is being used the GetMetricData API will
    return an error. When no alias is provided by the user, Grafana will no
    longer fallback with custom rules for naming the legend. In case a search
    expression is being used and no data is returned, Grafana will no longer
    expand dimension values, for instance when using a multi-valued template
    variable or star wildcard * in the dimension value field. Time series might
    be displayed in a different order. Using for example the dynamic label $
    {PROP('MetricName')} , might have the consequence that the time series are
    returned in a different order compared to when the alias pattern {{metric}}
    is used In Elasticsearch, browser access mode was deprecated in grafana
    7.4.0 and removed in 9.0.0. If you used this mode, please switch to server
    access mode on the datasource configuration page. Environment variables
    passed from Grafana to external Azure plugins have been renamed:
    renamed to GFAZPL_MANAGED_IDENTITY_CLIENT_ID There are no known plugins
    which were relying on these variables. Moving forward plugins should read
    Azure settings only via Grafana Azure SDK which properly handles old and
    new environment variables. Removes support for for ElasticSearch versions
    after their end-of-life, currently versions < 7.10.0. To continue to use
    ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.
    Application Insights and Insight Analytics queries in Azure Monitor were
    deprecated in Grafana 8.0 and finally removed in 9.0. Deprecated queries
    will no longer be executed. grafana/ui: Button now specifies a default type
    ="button" The Button component provided by @grafana/ui now specifies a
    default type="button" when no type is provided. In previous versions, if
    the attribute was not specified for buttons associated with a <form> the
    default value was submit per the specification. You can preserve the old
    behavior by explicitly setting the type attribute: <Button type="submit" />
    The Rename by regex transformation has been improved to allow global
    patterns of the form /<stringToReplace>/g . Depending on the regex match
    used, this may cause some transformations to behave slightly differently.
    You can guarantee the same behaviour as before by wrapping the match string
    in forward slashes ( / ), e.g. (.*) would become /(.*)/ <Select /> menus
    will now portal to the document body by default. This is to give more
    consistent behaviour when positioning and overlaying. If you were setting
    menuShouldPortal={true} before you can safely remove that prop and
    behaviour will be the same. If you weren't explicitly setting that prop,
    there should be no visible changes in behaviour but your tests may need
    updating. If you were setting menuShouldPortal={false} this will continue
    to prevent the menu from portalling. Grafana alerting endpoint prefixed
    with api/v1/rule/test that tests a rule against a Corte/Loki data source
    now expects the data source UID as a path parameter instead of the data
    source numeric identifier. Grafana alerting endpoints prefixed with api/
    prometheus/ that proxy requests to a Cortex/Loki data source now expect the
    data source UID as a path parameter instead of the data source numeric
    identifier. Grafana alerting endpoints prefixed with api/ruler/ that proxy
    requests to a Cortex/Loki data source now expect the data source UID as a
    path parameter instead of the data Grafana alerting endpoints prefixed with
    api/alertmanager/ that proxy requests to an Alertmanager now expect the
    data source UID as a path parameter instead of the data source numeric
    identifier. The format of log messages have been updated, lvl is now level
    and eror and dbug has been replaced with error and debug . The precision of
    timestamps has been increased. To smooth the transition, it is possible to
    opt-out of the new log format by enabling the feature toggle oldlog . This
    option will be removed in a future minor release. In the Loki data source,
    the dataframe format used to represent Loki logs-data has been changed to a
    more efficient format. The query-result is represented by a single
    dataframe with a "labels" column, instead of the separate dataframes for
    every labels-value. When displaying such data in explore, or in a
    logs-panel in the dashboard will continue to work without changes, but if
    the data was loaded into a different dashboard-panel, or Transforms were
    used, adjustments may be necessary. For example, if you used the "labels to
    fields" transformation with the logs data, please switch to the "extract
    fields" transformation.
  o Update to version 8.5.22:
  o Fix XSS in Graphite functions tooltip (bsc#1209645, CVE-2023-1410)
  o Update to version 8.5.21:
  o Apply attribute sanitation to GeomapPanel (bsc#1208821, CVE-2023-0507)
  o Avoid storing XSS in TraceView panel (bsc#1208819, CVE-2023-0594)
  o Login: Fix panic when UpsertUser is called without ReqContext
  o Fix basic authentication bypass by updating the exporter toolkit to version
    0.7.3 (bsc#1208065, CVE-2022-46146).
  o Require Go 1.19 or newer (bsc#1208293, CVE-2022-41723)
  o Update to version 8.5.20:
  o Security: SVG: Add dompurify preprocessor step (bsc#1207749,
  o Security: Snapshots: Fix originalUrl spoof security issue (bsc#1207750,
  o Security: Omit error from http response
  o Bug fix: Email and username trimming and invitation validation
  o Update to version 8.5.15 (jsc#PED-2617):
  o Security: Fix for privilege escalation (bsc#1205225, CVE-2022-39306)
  o Security: Omit error from http response when user does not exists (bsc#
    1205227, CVE-2022-39307)
  o Update to version 8.5.14:
  o Security: Fix do not forward login cookie in outgoing requests (bsc#
    1204303, CVE-2022-39201)
  o Security: Make proxy endpoints not leak sensitive HTTP headers (bsc#
    1204305, CVE-2022-31130)
  o Security: Fix plugin signature bypass (bsc#1204302, CVE-2022-31123)
  o Security: Fix blocknig other users from signing in (bsc#1204304,
  o Update to version 8.5.13 (jsc#PED-2145):
  o Features and enhancements:
      ? Plugins: Expose emotion/react to plugins to prevent load failures
  o Bug fix:
      ? AuthNZ: Security fixes for (bsc#1203596, CVE-2022-36062) and (bsc#
        1203597, CVE-2022-35957)
  o Update to version 8.5.11:
      ? Rendering: Add support for renderer token
      ? Alerting: AlertingProxy to elevate permissions for request forwarded to
        data proxy when RBAC enabled
  o Update to version 8.5.10
  o Bug fixes (8.5.10):
      ? RBAC: Fix Anonymous Editors missing dashboard controls. #52649, @gamab
  o Bug fixes (8.5.9):
      ? Security: Fixes for CVE-2022-31107 and CVE-2022-31097. #52238, @xlson
  o Bug fixes (8.5.6):
      ? Dashboard: Fixes random scrolling on time range change. #50379,
      ? Security: Fixes minor code scanning security warnings in old vendored
        javascript libs. #50382, @torkelo
  o Features and enhancements (8.5.5):
      ? Azure Monitor: Include datasource ref when interpolating variables. #
        49543, @kevinwcyu
      ? CloudWatch: Add multi-value template variable support for log group
        names in logs query builder. #49737, @kevinwcyu
      ? Cloudwatch: Add template variable query function for listing log
        groups. #50100, @yaelleC
  o Bug fixes (8.5.5):
      ? Alerting: Do not overwrite existing alert rule condition. #49920,
      ? Alerting: Remove double quotes from matchers. #50044, @alexweav
  o Features and enhancements (8.5.4):
      ? Alerting: Remove disabled flag for data source when migrating alerts. #
        48559, @yuri-tceretian
      ? Alerting: Show notification tab of legacy alerting only to editor. #
        49624, @yuri-tceretian
      ? Alerting: Update migration to migrate only alerts that belong to
        existing org\dashboard. #49192, @yuri-tceretian
      ? AzureMonitor: Do not quote variables when a custom "All" variable
        option is used. #49428, @andresmgot
      ? AzureMonitor: Update allowed namespaces. #48468, @jcolladokuri
      ? CloudMonitor: Correctly encode default project response. #49510,
      ? Cloudwatch: Add support for new AWS/RDS EBS* metrics. #48798, @szymonpk
      ? InfluxDB: Use backend for influxDB by default via feature toggle. #
        48453, @yesoreyeram
      ? Legend: Use correct unit for percent and count calculations. #49004,
      ? LokI: use millisecond steps in Grafana 8.5.x. #48630, @gabor
      ? Plugins: Introduce HTTP 207 Multi Status response to api/ds/query. #
        48550, @wbrowne
      ? Transformations: Add an All Unique Values Reducer. #48653, @josiahg
      ? Transformers: avoid error when the ExtractFields source field is
        missing. #49368, @wardbekker
      ? [v8.5.x] Alerting: Update migration to migrate only alerts that belong
        to existing org\dashboard. #49199, @grafanabot
  o Bug fixes (8.5.4):
      ? Alerting: Allow disabling override timings for notification policies. #
        48648, @gillesdemey
      ? Alerting: Allow serving images from custom url path. #49022,
      ? Alerting: Apply Custom Headers to datasource queries. #47860,
      ? Alerting: Fix RBAC actions for notification policies. #49185,
      ? Alerting: Fix access to alerts for viewer with editor permissions when
        RBAC is disabled. #49270, @yuri-tceretian
      ? Alerting: Fix anonymous access to alerting. #49203,
      ? Alerting: correctly show all alerts in a folder. #48684,
      ? AzureMonitor: Fixes metric definition for Azure Storage queue/file/blob
        /table resources. #49101, @aangelisc
      ? Dashboard: Fix dashboard update permission check. #48746,
      ? DashboardExport: Fix exporting and importing dashboards where query
        data source ended up as incorrect. #48410, @torkelo
      ? FileUpload: clicking the Upload file button now opens their modal
        correctly. #48766, @ashharrison90
      ? GrafanaUI: Fix color of links in error Tooltips in light theme. #49327,
      ? LibraryPanels: Fix library panels not connecting properly in imported
        dashboards. #49161, @joshhunt
      ? Loki: Improve unpack parser handling. #49074, @gabor
      ? RolePicker: Fix menu position on smaller screens. #48429, @Clarity-89
      ? TimeRange: Fixes updating time range from url and browser history. #
        48657, @torkelo
      ? TimeSeries: Fix detection & rendering of sparse datapoints. #48841,
      ? Timeseries: Fix outside range stale state. #49633, @ryantxu
      ? Tooltip: Fix links not legible in Tooltips when using light theme. #
        48748, @joshhunt
      ? Tooltip: Sort decimals using standard numeric compare. #49084, @dprokop
      ? Transforms: Labels to fields, fix label picker layout. #49304, @torkelo
      ? Variables: Fixes issue with data source variables not updating queries
        with variable. #49478, @torkelo
      ? [v8.5.x] Alerting: Fix RBAC actions for notification policies (#49185).
        #49348, @yuri-tceretian
      ? [v8.5.x] Alerting: Fix access to alerts for viewer with editor
        permissions when RBAC is disabled. #49427, @konrad147
      ? [v8.5.x] Alerting: Fix anonymous access to alerting. #49268,
  o Breaking changes (8.5.4): For a data source query made via /api/ds/query:
    If the DatasourceQueryMultiStatus feature is enabled and The data source
    response has an error set as part of the DataResponse, the resulting HTTP
    status code is now 207 Multi Status instead of 400 Bad gateway If the
    DatasourceQueryMultiStatus feature is not enabled and DataResponse, the
    resulting HTTP status code is 400 Bad Request (no breaking change) -->
    Issue #48550
  o Bug fixes (8.5.3):
      ? Security: fixes CVE-2022-29170. #49240, @xlson
  o Features and enhancements (8.5.2):
      ? Alerting: Add safeguard for migrations that might cause dataloss. #
        48526, @JohnnyQQQQ
      ? AzureMonitor: Add support for not equals and startsWith operators when
        creating Azure Metrics dimension filters. #48077, @aangelisc
      ? Elasticsearch: Add deprecation notice for < 7.10 versions.

    48506, @ivanahuckova

      ? Traces: Filter by service/span name and operation in Tempo and Jaeger.
        #48209, @joey-grafana
  o Bug fixes (8.5.2):
      ? AzureAd Oauth: Fix strictMode to reject users without an assigned role.
        #48474, @kyschouv
      ? CloudWatch: Fix variable query tag migration. #48587, @iwysiu
      ? Plugins: Ensure catching all appropriate 4xx api/ds/query scenarios. #
        47565, @wbrowne
  o Bug fixes (8.5.1):
      ? Azure Monitor: Fix space character encoding for metrics query link to
        Azure Portal. #48139, @kevinwcyu
      ? CloudWatch: Prevent log groups from being removed on query change. #
        47994, @asimpson
      ? Cloudwatch: Fix template variables in variable queries. #48140, @iwysiu
      ? Explore: Prevent direct access to explore if disabled via feature
        toggle. #47714, @Elfo404
      ? InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram
      ? Navigation: Prevent navbar briefly showing on login. #47968,
      ? Plugins Catalog: Fix styling of hyperlinks. #48196, @marefr
      ? Table: Fix filter crashes table. #48258, @zoltanbedi
      ? TimeSeries: Properly stack series with missing datapoints. #48321,
  o Features and enhancements (8.5.0):
      ? Alerting: Add contact points provisioning API. #47197, @JohnnyQQQQ
      ? Alerting: Add resolved count to notification title when both firing and
        resolved present. #46697, @JacobsonMT
      ? Alerting: Alert rule should wait For duration when execution error
        state is Alerting. #47052, @grobinson-grafana
      ? Alerting: Classic conditions can now display multiple values. #46971,
      ? Alerting: Display query from grafana-managed alert rules on /api/v1/
        rules. #45969, @gotjosh
      ? Alerting: Enhance support for arbitrary group names in managed alerts.
        #47785, @gillesdemey
      ? Alerting: add field for custom slack endpoint. #45751, @nathanrodman
      ? Azure Monitor : Adding json formatting of error messages in Panel
        Header Corner and Inspect Error Tab. #44877, @yaelleC
      ? Azure Monitor: Add 2 more Curated Dashboards for VM Insights. #45187,
      ? CloudWatch: Handle new error codes for MetricInsights. #47033,
      ? Dashboards: show changes in save dialog. #46557, @ryantxu
      ? DataSource: Default data source is no longer a persisted state but just
        the default data source for new panels. #45132, @torkelo
      ? DataSourcePlugin API: Allow queries import when changing data source
        type. #47435, @dprokop
      ? Explore: Remove return to panel button. #45018, @gelicia
      ? Explore: allow users to save Explore state to a new panel in a new
        dashboard. #45148, @Elfo404
      ? Instrumentation: Proxy status code correction and various improvements.
        #47473, @marefr
      ? Logging: Introduce feature toggle to activate gokit/log format. #47336,
      ? NewsPanel: Add support for Atom feeds. #45390, @kaydelaney
      ? Plugins: Add deprecation notice for /api/tsdb/query endpoint. #45238,
      ? Plugins: Adding support for traceID field to accept variables. #45559,
      ? PostgreSQL: __unixEpochGroup to support arithmetic expression as
        argument. #46764, @s0nik42
      ? Profile/Help: Expose option to disable profile section and help menu. #
        46308, @cameronwaterman
      ? Prometheus: Enable new visual query builder by default. #46634,
      ? SAML: Allow disabling of SAML signups. #47481, @mmandrus
      ? SAML: Allow disabling of SAML signups. (Enterprise)
      ? Table: New pagination option. #45732, @zoltanbedi
      ? TablePanel: Add cell inspect option. #45620, @dprokop
      ? Tempo / Trace Viewer: Support Span Links in Trace Viewer. #45632,
      ? Tempo: Download span references in data inspector. #47074,
      ? Tempo: Separate trace to logs and loki search datasource config. #
        46655, @connorlindsey
      ? Trace View: Show number of child spans. #44393, @tharun208
      ? Transformations: Support escaped characters in key-value pair parsing.
        #47901, @aangelisc
  o Bug fixes (8.5.0):
      ? Azure Monitor: Bug Fix for incorrect variable cascading for template
        variables. #47478, @jcolladokuri
      ? CloudWatch: List all metrics properly in SQL autocomplete. #45898,
      ? CloudWatch: Run query on blur in logs query field. #47454, @fridgepoet
      ? Dashboard: Template variables are now correctly persisted when clicking
        breadcrumb links. #46790, @ashharrison90
      ? DashboardPage: Remember scroll position when coming back panel edit /
        view panel. #47639, @torkelo
      ? Panel Edit: Options search now works correctly when a logarithmic scale
        option is set. #47927, @ashharrison90
      ? Postgres: Return tables with hyphenated schemes. #45754, @zuchka
      ? Table panel: Fix horizontal scrolling when pagination is enabled. #
        47776, @dprokop
      ? Variables: Ensure variables in query params are correctly recognised. #
        47049, @ashharrison90
      ? Variables: Fix crash when changing query variable datasource. #44957,
      ? Visualizations: Stack negative-valued series downwards. #47373,
  o Breaking changes (8.5.0): For a proxied request, e.g. Grafana's datasource
    or plugin proxy: If the request is cancelled, e.g. from the browser/by the
    client, the HTTP status code is now 499 Client closed request instead of
    502 Bad gateway If the request times out, e.g. takes longer time than
    allowed, the HTTP status code is now 504 Gateway timeout instead of 502 Bad
    gateway. Issue #47473 The change in behavior is that negative-valued series
    are now stacked downwards from 0 (in their own stacks), rather than
    downwards from the top of the positive stacks. We now automatically group
    stacks by Draw style, Line interpolation, and Bar alignment, making it
    impossible to stack bars on top of lines, or smooth lines on top of stepped
    lines. Issue #47373 The meaning of the default data source has now changed
    from being a persisted property in a panel. Before when you selected the
    default data source for a panel and later changed the default data source
    to another data source it would change all panels who were configured to
    use the default data source. From now on the default data source is just
    the default for new panels and changing the default will not impact any
    currently saved dashboards. Issue #45132 The Tooltip component provided by
    @grafana/ui is no longer automatically interactive (that is you can hover
    onto it and click a link or select text). It will from now on by default
    close automatically when you mouse out from the trigger element. To make
    tooltips behave like before set the new interactive property to true.
  o Deprecations (8.5.0): /api/tsdb/query API has been deprecated and will be
    removed in a future release. Use /api/ds/query instead. Issue #45238
  o Plugin development fixes & changes (8.5.0):
      ? Card: Increase clickable area when meta items are present. #47935,
      ? Loki: Fix operator description propup from being shortened. #46575,
      ? Tooltips: Make tooltips non interactive by default. #45053, @torkelo
  o Features and enhancements (8.4.7):
      ? CloudWatch: Added missing MemoryDB Namespace metrics. #47290,
      ? Histogram Panel: Take decimal into consideration. #47330, @mdvictor
      ? TimeSeries: Sort tooltip values based on raw values. #46738, @dprokop
  o Bug fixes (8.4.7):
      ? API: Include userId, orgId, uname in request logging middleware. #
        47183, @marefr
      ? Elasticsearch: Respect maxConcurrentShardRequests datasource setting. #
        47120, @alexandrst88
  o Features and enhancements (8.4.5):
      ? Instrumentation: Make backend plugin metrics endpoints available with
        optional authentication. #46467, @marefr
      ? Table panel: Show datalinks for cell display modes JSON View and Gauge
        derivates. #46020, @mdvictor
  o Bug fixes (8.4.5):
      ? Azure Monitor: Small bug fixes for Resource Picker. #46665,
      ? Logger: Use specified format for file logger. #46970, @sakjur
      ? Logs: Handle missing fields in dataframes better. #46963, @gabor
      ? ManageDashboards: Fix error when deleting all dashboards from folder
        view. #46877, @joshhunt
  o Features and enhancements (8.4.4):
      ? Loki: Add unpack to autocomplete suggestions (#44623). #46573, @glintik
      ? Plugins: allow using both Function and Class components for app
        plugins. #46148, @leventebalogh
      ? TimeSeries: Add migration for Graph panel's transform series override.
        #46577, @dprokop
      ? TimeSeries: Preserve null/undefined values when performing negative y
        transform. #46584, @dprokop
  o Bug fixes (8.4.4):
      ? CloudWatch: Use default http client from aws-sdk-go. #46370, @sunker
      ? Dashboards: Fixes repeating by row and no refresh. #46565,
      ? Gauge: Fixes blank viz when data link exists and orientation was
        horizontal. #46335, @torkelo
      ? Search: sort results correctly when using postgres. #46466, @xlson
      ? TagsInput: fix tags remove button accessibility issues. #46254,
      ? TextPanel: Sanitize after markdown has been rendered to html. #46166,
  o Features and enhancements (8.4.3):
      ? Alerting: Grafana uses > instead of >= when checking the For duration.
      ? Alerting: Use expanded labels in dashboard annotations. #45726,
      ? Logs: Escape windows newline into single newline. #45771, @perosb
  o Bug fixes (8.4.3):
      ? Alerting: Fix use of > instead of >= when checking the For duration. #
        46011, @grobinson-grafana
      ? Azure Monitor: Fixes broken log queries that use workspace. #45820,
      ? CloudWatch: Remove error message when using multi-valued template vars
        in region field. #45886, @sunker
      ? Middleware: Fix IPv6 host parsing in CSRF check. #45911, @ying-jeanne
  o Plugin development fixes & changes (8.4.3):
      ? ClipboardButton: Use a fallback when the Clipboard API is unavailable.
        #45831, @ashharrison90
  o Features and enhancements (8.4.2):
      ? OAuth: Add setting to skip org assignment for external users. #34834,
      ? Tracing: Add option to map tag names to log label names in trace to
        logs settings. #45178, @connorlindsey
  o Bug fixes (8.4.2):
      ? Explore: Fix closing split pane when logs panel is used. #45602,
  o Features and enhancements (8.4.1):
      ? Cloudwatch: Add support for AWS/PrivateLink* metrics and dimensions. #
        45515, @szymonpk
      ? Configuration: Add ability to customize okta login button name and
        icon. #44079, @DanCech
      ? Tempo: Switch out Select with AsyncSelect component to get loading
        state in Tempo Search. #45110, @CatPerry
  o Bug fixes (8.4.1):
      ? Alerting: Fix migrations by making send_alerts_to field nullable. #
        45572, @santihernandezc
  o Features and enhancements (8.4.0):
      ? API: Extract OpenAPI specification from source code using go-swagger. #
        40528, @papagian
      ? AccessControl: Disable user remove and user update roles when they do
        not have the permissions. #43429, @Jguer
      ? AccessControl: Provisioning for teams. #43767, @gamab
      ? API: Add usage stats preview endpoint. #43899, @Jguer
      ? Alerting: Move slow queries in the scheduler to another goroutine. #
        44423, @grobinson-grafana
      ? Alerting: Use time.Ticker instead of alerting.Ticker in ngalert. #
        44395, @grobinson-grafana
      ? Alerting: add custom grouping to Alert Panel. #44559,
      ? Analytics: Add user id tracking to google analytics. #42763, @autoric
      ? Angular: Add AngularJS plugin support deprecation plan to docs site. #
        45149, @torkelo
      ? Auth: implement auto_sign_up for auth.jwt. #43502, @sakjur
      ? Azure Monitor Logs: Order subscriptions in resource picker by name. #
        45228, @sunker
      ? Azure monitor Logs: Optimize data fetching in resource picker. #44549,
      ? AzureMonitor: Filter list of resources by resourceType. #43522,
      ? BarChart: color by field, x time field, bar radius, label skipping. #
        43257, @leeoniya
      ? Chore: Implement OpenTelemetry in Grafana. #42674, @idafurjes
      ? Cloud Monitoring: Adds metric type to Metric drop down options. #43268,
      ? CloudWatch: Add Data Lifecycle Manager metrics and dimension. #43310,
      ? CloudWatch: Add Missing Elasticache Host-level metrics. #43455, @dhendo
      ? CloudWatch: Add all ElastiCache Redis Metrics. #43336, @siavashs
      ? CloudWatch: Add new AWS/ES metrics. #43034, @sunker
      ? Cloudwatch: Add syntax highlighting and autocomplete for "Metric
        Search". #43985, @sarahzinger
      ? Explore: Support custom display label for exemplar links for Prometheus
        datasource. #42732, @JokerQueue
      ? Hotkeys: Make time range absolute/permanent. #43802, @davkal
      ? Playlists: Enable sharing direct links to playlists. #44161,
      ? SQLStore: Prevent concurrent migrations. #44101, @papagian
      ? SSE: Add Mode to drop NaN/Inf/Null in Reduction operations. #43583,
      ? Setting: Support configuring feature toggles with bools instead of just
        passing an array. #43326, @bergquist
      ? TimeSeries: Add support for negative Y and constant transform. #44774,
      ? Transformations: Add 'JSON' field type to ConvertFieldTypeTransformer.
        #42624, @sd2k
  o Bug fixes (8.4.0):
      ? Auth: Guarantee consistency of signed SigV4 headers. #45054, @wbrowne
      ? CloudWatch: Fix MetricName resetting on Namespace change. #44165,
      ? Cloudwatch : Fixed reseting metric name when changing namespace in
        Metric Query. #44612, @yaelleC
      ? Explore: Avoid locking timepicker when range is inverted. #44790,
      ? Instrumentation: Fix HTTP request instrumentation of authentication
        failures. #44234, @marefr
      ? LibraryPanels: Prevent long descriptions and names from obscuring the
        delete button. #45190, @zuchka
      ? OAuth: Fix parsing of ID token if header contains non-string value. #
        44159, @marefr
      ? Panel Edit: Visualization search now works correctly with special
        characters. #45137, @ashharrison90
      ? Provisioning: Fix duplicate validation when multiple organizations have
        been configured. #44151, @marefr
      ? QueryField: Fix issue with undo history when suggestion is inserted (#
        28656). #39114, @glintik
      ? TablePanel: Do not prefix columns with frame name if multiple frames
        and override active. #45174, @mdvictor
  o Deprecations (8.4.0): AngularJS plugin support is now in a deprecated
    state, meaning it will be removed in a future release. Currently, that is
    planned for version 10 (in 2023). The documentation site has an article
    with more details on why, when, and how. Issue #45149
  o Update to version 8.3.10
  o Security:
      ? Fixes XSS vulnerability in the Unified Alerting (bsc#1201535,
      ? Fixes OAuth account takeover vulnerability (bsc#1201539,
  o Update to version 8.3.9
  o Bug fixes:
      ? Geomap: Display legend
      ? Prometheus: Fix timestamp truncation
  o Update to version 8.3.7
      ? Provisioning: Ensure that the default value for orgID is set when
        provisioning datasources to be deleted.
  o Update to version 8.3.6
      ? Cloud Monitoring: Reduce request size when listing labels.
      ? Explore: Show scalar data result in a table instead of graph.
      ? Snapshots: Updates the default external snapshot server URL.
      ? Table: Makes footer not overlap table content.
      ? Tempo: Add request histogram to service graph datalink.
      ? Tempo: Add time range to tempo search query behind a feature flag.
      ? Tempo: Auto-clear results when changing query type.
      ? Tempo: Display start time in search results as relative time.
      ? CloudMonitoring: Fix resource labels in query editor.
      ? Cursor sync: Apply the settings without saving the dashboard.
      ? LibraryPanels: Fix for Error while cleaning library panels.
      ? Logs Panel: Fix timestamp parsing for string dates without timezone.
      ? Prometheus: Fix some of the alerting queries that use reduce/math
      ? TablePanel: Fix ad-hoc variables not working on default datasources.
      ? Text Panel: Fix alignment of elements.
      ? Variables: Fix for constant variables in self referencing links.
  o Update _constraints to require at least 5GB, because with less we can't
    build it.
  o Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422, jsc#SLE-24565)
  o Security: Fixes CVE-2021-43813 and CVE-2021-43815, bsc#1193686.
  o Security: Fixes CVE-2021-43798, bsc#1193492.
  o Security: Fixes CVE-2021-41244, bsc#1192763.
  o Security: Fixes CVE-2021-41174, bsc#1192383. fix CVE-2021-3711, bsc#
      ? Security: Update dependencies to fix CVE-2021-36222, bsc#1188571.


  o Version 5.0.1-1
  o Bump version to 5.0.0
  o Version 4.4.6-1
  o Remove unused makefiles
  o Version 4.4.5-1
  o Use http to connect to localhost server
  o Use bundle CA certificate in rhnpush
  o Version 4.4.4-1
  o remove pylint check at build time
  o Version 4.4.3-1
  o Ensure installation of make for building
  o Version 4.4.2-1
  o Update translation strings
  o Version 4.4.1-1
  o Bump version to 4.4.0


  o Use obscpio for go modules service
  o Set version number
  o Set build date from SOURCE_DATE_EPOCH
  o Update to 0.24.0 (bsc#1212279, jsc#PED-4556)
  o Requires go1.19
  o Drop:
  o Avoid empty validation script
  o Add rc symlink for backwards compatibility
  o Fix authentication bypass via cache poisoning (CVE-2022-46146, bsc#1208062)
  o Add min_version parameter of tls_config to allow enabling TLS 1.0 and 1.1
  o On SUSE Linux Enterprise build always with Go >= 1.19 (bsc#1203599)
  o Build with go1.18 only for SLE-15-SP3 and build with >= go1.19 on higher SP
  o Require go1.18 (bsc#1203599, GH#19127)
  o Exclude s390 arch
  o Fix %pre section to avoid empty content
  o Updated to allow building on older rpmbuild.
  o Enhanced to build on Enterprise Linux 8


  o CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208060)
  o Remove duplicated call to systemd requirements
  o Do not build debug if RHEL >= 8
  o Do not strip if SUSE Linux Enterprise 15 SP3
  o Build at least with with Go >= 1.18 on RHEL
  o Build with Go >= 1.20 elsewhere
  o Adapt the systemd service security configuration to be able to start it on
    RHEL systems and clones
  o Create the prometheus user for RHEL systems and clones
  o Fix _service to pull correct version
  o Use go_modules source service
  o Upgrade to version 0.10.1:
  o Fix broken log-level for values other than debug (bsc#1208965)
  o Version/release lines above first usage of those macros. gh#uyuni-project/
  o Prevent empty %pre section
  o Exclude s390 builds
  o Updated for RHEL8.


  o Declare the LICENSE file as license and not doc


  o Preparing submission to SUSE:SLE-15-SP3:Update as part of ECO PED-3623.


  o Version 5.0.1-1
  o Specify a packager for Debian like distros
  o Version 4.4.6-1
  o Remove unused makefiles
  o Version 4.4.5-1
  o Use bundle CA certificate in rhnpush
  o Version 4.4.4-1
  o Only use TLSv1+ for SSL connections
  o Version 4.4.3-1
  o Ensure installation of make for building
  o Version 4.4.2-1
  o Don't get stuck at the end of SSL transfers (bsc#1204032)
  o Version 4.4.1-1
  o Bump version to 4.4.0


  o Version 5.0.1-1
  o Use localhost without ssl when running on the server
  o Version 4.4.10-1
  o Update translation strings
  o Version 4.4.9-1
  o Version 4.4.8-1
  o Add spacecmd function: cryptokey_update
  o Bypass traditional systems check on older SUMA instances (bsc#1208612)
  o fix argument parsing of distribution_update (bsc#1210458)
  o Version 4.4.7-1
  o remove pylint check at build time
  o Display activation key details after executing the corresponding command
  o Show targetted packages before actually removing them (bsc#1207830)
  o Version 4.4.6-1
  o Fix spacecmd not showing any output for softwarechannel_diff and
    softwarechannel_errata_diff (bsc#1207352)
  o Version 4.4.5-1
  o Prevent string api parameters to be parsed as dates if not in ISO-8601
    format (bsc#1205759)
  o Add python-dateutil dependency, required to process date values in spacecmd
    api calls
  o Remove python3-simplejson dependency
  o Version 4.4.4-1
  o Correctly understand 'ssm' keyword on scap scheduling
  o Add vendor_advisory information to errata_details call (bsc#1205207)
  o Change default port of "Containerized Proxy configuration" 8022
  o Version 4.4.3-1
  o Added two missing options to schedule product migration:
    allow-vendor-change and remove-products-without-successor (bsc#1204126)
  o Changed schedule product migration to use the correct API method
  o Fix dict_keys not supporting indexing in systems_setconfigchannelorger
  o Added a warning message for traditional stack deprecation
  o Remove "Undefined return code" from debug messages (bsc#1203283)
  o Version 4.4.2-1
  o Stop always showing help for valid proxy_container_config calls
  o Version 4.4.1-1
  o Process date values in spacecmd api calls (bsc#1198903)
  o Improve Proxy FQDN hint message
  o Version 4.3.14-1
  o Fix missing argument on system_listmigrationtargets (bsc#1201003)
  o Show correct help on calling kickstart_importjson with no arguments
  o Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
  o Change proxy container config default filename to end with tar.gz
  o Version 4.3.13-1
  o Version 4.3.12-1
  o Version 4.3.11-1
  o on full system update call schedulePackageUpdate API (bsc#1197507)


  o Version 5.0.1-1
  o Bump version to 5.0.0
  o Version 4.4.7-1
  o Remove unused and deprecated/removed platform.dist import.
  o Version 4.4.6-1
  o Update translation strings
  o Tito requires to list the package source as %{name}-%{version}.tar.gz
  o Version 4.4.5-1
  o remove mgr-virtualization usage
  o remove dependency to suseRegisterInfo
  o Version 4.4.4-1
  o Version 4.4.3-1
  o Version 4.4.2-1
  o Version 4.4.1-1
  o Version 4.3.11-1
  o Version 4.3.10-1


  o Update to version 1.2.2
  o Remove possible passwords from Salt configuration files (bsc#1201059)
  o Update to version 1.2.1
  o Remove ERROR messages on Salt client systems
  o Declare the LICENSE file as license and not doc
  o Update to version 1.2.0
  o Add support for Salt Bundle


  o Version 5.0.1-1
  o Bump version to 5.0.0
  o Version 4.4.2-1
  o write configured crypto-policy in supportconfig
  o add cloud and payg checks
  o Version 4.4.1-1
  o Bump version to 4.4.0
  o Version 4.3.2-1
  o Add proxy containers config and logs


  o Version 5.0.1-1
  o Bump version to 5.0.0
  o Version 4.4.4-1
  o Workaround for python3-debian bug about collecting control file (bsc#
    1211525, bsc#1208692)
  o Accept missing rhn.conf file
  o Use context manager for apache users in fileutils.py.
  o Version 4.4.3-1
  o Ensure installation of make for building.
  o Use versioned Python during packaging.
  o Version 4.4.2-1
  o unify user notification code on java side
  o Version 4.4.1-1
  o Do not allow creating path if nonexistent user or group in fileutils.
  o Version 4.3.5-1
  o Fix reposync issue about 'rpm.hdr' object has no attribute 'get'


  o Version 5.0.1-1
  o Bump version to 5.0.0
  o Version 4.4.2-1
  o Fix script for allowing using container images from different registry
  o Allow using container images from different registry paths
  o Version 4.4.1-1
  o Expose /etc/sysconfig/proxy variables to container services (bsc#1202945)
  o Version 4.3.6-1
  o Expose port 80 (bsc#1200142)
  o Use volumes rather than bind mounts
  o TFTPD to listen on udp port (bsc#1200968)
  o Add TAG variable in configuration
  o Version 4.3.5-1
  o Fix containers namespaces in configuration
  o Version 4.3.4-1
  o Rename container_images_path specfile macro to less generic one
  o Version 4.3.3-1
  o Default to SUSE Manager images only when installed from SUSE Manager

Special Instructions and Notes:

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Manager Client Tools Beta for SLE Micro 5
    zypper in -t patch SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-196=1
  o SUSE Manager Client Tools Beta for SLE 15
    zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2024-196=1

Package List:

  o SUSE Manager Client Tools Beta for SLE Micro 5 (noarch)
      ? uyuni-proxy-systemd-services-5.0.1-159000.3.9.1
      ? dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1
  o SUSE Manager Client Tools Beta for SLE Micro 5 (aarch64 s390x x86_64)
      ? golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1
      ? prometheus-blackbox_exporter-0.24.0-159000.3.6.1
  o SUSE Manager Client Tools Beta for SLE 15 (noarch)
      ? spacewalk-client-tools-5.0.1-159000.6.48.1
      ? python3-pyvmomi-6.7.3-159000.3.6.1
      ? spacewalk-check-5.0.1-159000.6.48.1
      ? python3-rhnlib-5.0.1-159000.6.30.1
      ? dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1
      ? ansible-doc-2.9.27-159000.3.9.1
      ? ansible-2.9.27-159000.3.9.1
      ? python3-spacewalk-check-5.0.1-159000.6.48.1
      ? spacecmd-5.0.1-159000.6.42.1
      ? mgr-push-5.0.1-159000.4.21.1
      ? supportutils-plugin-salt-1.2.2-159000.5.9.1
      ? uyuni-proxy-systemd-services-5.0.1-159000.3.9.1
      ? python3-mgr-push-5.0.1-159000.4.21.1
      ? spacewalk-client-setup-5.0.1-159000.6.48.1
      ? supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1
      ? python3-spacewalk-client-setup-5.0.1-159000.6.48.1
      ? python3-spacewalk-client-tools-5.0.1-159000.6.48.1
      ? python3-hwdata-2.3.5-159000.5.13.1
  o SUSE Manager Client Tools Beta for SLE 15 (aarch64 ppc64le s390x x86_64)
      ? firewalld-prometheus-config-0.1-159000.6.33.1
      ? golang-github-boynux-squid_exporter-1.6-159000.4.9.1
      ? golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1
      ? grafana-9.5.8-159000.4.24.1
      ? grafana-debuginfo-9.5.8-159000.4.24.1
      ? prometheus-blackbox_exporter-0.24.0-159000.3.6.1
      ? prometheus-postgres_exporter-0.10.1-159000.3.6.1
      ? golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1
      ? golang-github-boynux-squid_exporter-debuginfo-1.6-159000.4.9.1
      ? python3-uyuni-common-libs-5.0.1-159000.3.33.1
      ? golang-github-lusitaniae-apache_exporter-debuginfo-1.0.0-159000.4.12.1
      ? golang-github-prometheus-prometheus-2.45.0-159000.6.33.1


  o https://www.suse.com/security/cve/CVE-2020-7753.html
  o https://www.suse.com/security/cve/CVE-2021-20178.html
  o https://www.suse.com/security/cve/CVE-2021-20180.html
  o https://www.suse.com/security/cve/CVE-2021-20191.html
  o https://www.suse.com/security/cve/CVE-2021-20228.html
  o https://www.suse.com/security/cve/CVE-2021-3447.html
  o https://www.suse.com/security/cve/CVE-2021-3583.html
  o https://www.suse.com/security/cve/CVE-2021-3620.html
  o https://www.suse.com/security/cve/CVE-2021-36222.html
  o https://www.suse.com/security/cve/CVE-2021-3711.html
  o https://www.suse.com/security/cve/CVE-2021-3807.html
  o https://www.suse.com/security/cve/CVE-2021-3918.html
  o https://www.suse.com/security/cve/CVE-2021-41174.html
  o https://www.suse.com/security/cve/CVE-2021-41244.html
  o https://www.suse.com/security/cve/CVE-2021-43138.html
  o https://www.suse.com/security/cve/CVE-2021-43798.html
  o https://www.suse.com/security/cve/CVE-2021-43813.html
  o https://www.suse.com/security/cve/CVE-2021-43815.html
  o https://www.suse.com/security/cve/CVE-2022-0155.html
  o https://www.suse.com/security/cve/CVE-2022-23552.html
  o https://www.suse.com/security/cve/CVE-2022-27664.html
  o https://www.suse.com/security/cve/CVE-2022-29170.html
  o https://www.suse.com/security/cve/CVE-2022-31097.html
  o https://www.suse.com/security/cve/CVE-2022-31107.html
  o https://www.suse.com/security/cve/CVE-2022-31123.html
  o https://www.suse.com/security/cve/CVE-2022-31130.html
  o https://www.suse.com/security/cve/CVE-2022-32149.html
  o https://www.suse.com/security/cve/CVE-2022-35957.html
  o https://www.suse.com/security/cve/CVE-2022-36062.html
  o https://www.suse.com/security/cve/CVE-2022-39201.html
  o https://www.suse.com/security/cve/CVE-2022-39229.html
  o https://www.suse.com/security/cve/CVE-2022-39306.html
  o https://www.suse.com/security/cve/CVE-2022-39307.html
  o https://www.suse.com/security/cve/CVE-2022-39324.html
  o https://www.suse.com/security/cve/CVE-2022-41715.html
  o https://www.suse.com/security/cve/CVE-2022-41723.html
  o https://www.suse.com/security/cve/CVE-2022-46146.html
  o https://www.suse.com/security/cve/CVE-2023-0507.html
  o https://www.suse.com/security/cve/CVE-2023-0594.html
  o https://www.suse.com/security/cve/CVE-2023-1387.html
  o https://www.suse.com/security/cve/CVE-2023-1410.html
  o https://www.suse.com/security/cve/CVE-2023-2183.html
  o https://www.suse.com/security/cve/CVE-2023-2801.html
  o https://www.suse.com/security/cve/CVE-2023-3128.html
  o https://bugzilla.suse.com/show_bug.cgi?id=1172110
  o https://bugzilla.suse.com/show_bug.cgi?id=1176460
  o https://bugzilla.suse.com/show_bug.cgi?id=1180816
  o https://bugzilla.suse.com/show_bug.cgi?id=1180942
  o https://bugzilla.suse.com/show_bug.cgi?id=1181119
  o https://bugzilla.suse.com/show_bug.cgi?id=1181935
  o https://bugzilla.suse.com/show_bug.cgi?id=1183684
  o https://bugzilla.suse.com/show_bug.cgi?id=1187725
  o https://bugzilla.suse.com/show_bug.cgi?id=1188061
  o https://bugzilla.suse.com/show_bug.cgi?id=1188571
  o https://bugzilla.suse.com/show_bug.cgi?id=1189520
  o https://bugzilla.suse.com/show_bug.cgi?id=1191454
  o https://bugzilla.suse.com/show_bug.cgi?id=1192154
  o https://bugzilla.suse.com/show_bug.cgi?id=1192383
  o https://bugzilla.suse.com/show_bug.cgi?id=1192696
  o https://bugzilla.suse.com/show_bug.cgi?id=1192763
  o https://bugzilla.suse.com/show_bug.cgi?id=1193492
  o https://bugzilla.suse.com/show_bug.cgi?id=1193686
  o https://bugzilla.suse.com/show_bug.cgi?id=1193688
  o https://bugzilla.suse.com/show_bug.cgi?id=1197507
  o https://bugzilla.suse.com/show_bug.cgi?id=1198903
  o https://bugzilla.suse.com/show_bug.cgi?id=1199810
  o https://bugzilla.suse.com/show_bug.cgi?id=1200142
  o https://bugzilla.suse.com/show_bug.cgi?id=1200480
  o https://bugzilla.suse.com/show_bug.cgi?id=1200591
  o https://bugzilla.suse.com/show_bug.cgi?id=1200968
  o https://bugzilla.suse.com/show_bug.cgi?id=1200970
  o https://bugzilla.suse.com/show_bug.cgi?id=1201003
  o https://bugzilla.suse.com/show_bug.cgi?id=1201059
  o https://bugzilla.suse.com/show_bug.cgi?id=1201535
  o https://bugzilla.suse.com/show_bug.cgi?id=1201539
  o https://bugzilla.suse.com/show_bug.cgi?id=1202614
  o https://bugzilla.suse.com/show_bug.cgi?id=1202945
  o https://bugzilla.suse.com/show_bug.cgi?id=1203283
  o https://bugzilla.suse.com/show_bug.cgi?id=1203596
  o https://bugzilla.suse.com/show_bug.cgi?id=1203597
  o https://bugzilla.suse.com/show_bug.cgi?id=1203599
  o https://bugzilla.suse.com/show_bug.cgi?id=1204032
  o https://bugzilla.suse.com/show_bug.cgi?id=1204126
  o https://bugzilla.suse.com/show_bug.cgi?id=1204302
  o https://bugzilla.suse.com/show_bug.cgi?id=1204303
  o https://bugzilla.suse.com/show_bug.cgi?id=1204304
  o https://bugzilla.suse.com/show_bug.cgi?id=1204305
  o https://bugzilla.suse.com/show_bug.cgi?id=1204501
  o https://bugzilla.suse.com/show_bug.cgi?id=1205207
  o https://bugzilla.suse.com/show_bug.cgi?id=1205225
  o https://bugzilla.suse.com/show_bug.cgi?id=1205227
  o https://bugzilla.suse.com/show_bug.cgi?id=1205599
  o https://bugzilla.suse.com/show_bug.cgi?id=1205759
  o https://bugzilla.suse.com/show_bug.cgi?id=1207352
  o https://bugzilla.suse.com/show_bug.cgi?id=1207749
  o https://bugzilla.suse.com/show_bug.cgi?id=1207750
  o https://bugzilla.suse.com/show_bug.cgi?id=1207830
  o https://bugzilla.suse.com/show_bug.cgi?id=1208046
  o https://bugzilla.suse.com/show_bug.cgi?id=1208049
  o https://bugzilla.suse.com/show_bug.cgi?id=1208060
  o https://bugzilla.suse.com/show_bug.cgi?id=1208062
  o https://bugzilla.suse.com/show_bug.cgi?id=1208065
  o https://bugzilla.suse.com/show_bug.cgi?id=1208270
  o https://bugzilla.suse.com/show_bug.cgi?id=1208293
  o https://bugzilla.suse.com/show_bug.cgi?id=1208298
  o https://bugzilla.suse.com/show_bug.cgi?id=1208612
  o https://bugzilla.suse.com/show_bug.cgi?id=1208692
  o https://bugzilla.suse.com/show_bug.cgi?id=1208719
  o https://bugzilla.suse.com/show_bug.cgi?id=1208819
  o https://bugzilla.suse.com/show_bug.cgi?id=1208821
  o https://bugzilla.suse.com/show_bug.cgi?id=1208965
  o https://bugzilla.suse.com/show_bug.cgi?id=1209113
  o https://bugzilla.suse.com/show_bug.cgi?id=1209645
  o https://bugzilla.suse.com/show_bug.cgi?id=1210458
  o https://bugzilla.suse.com/show_bug.cgi?id=1210640
  o https://bugzilla.suse.com/show_bug.cgi?id=1210907
  o https://bugzilla.suse.com/show_bug.cgi?id=1211525
  o https://bugzilla.suse.com/show_bug.cgi?id=1212099
  o https://bugzilla.suse.com/show_bug.cgi?id=1212100
  o https://bugzilla.suse.com/show_bug.cgi?id=1212279
  o https://bugzilla.suse.com/show_bug.cgi?id=1212641
  o https://bugzilla.suse.com/show_bug.cgi?id=1218843
  o https://bugzilla.suse.com/show_bug.cgi?id=1218844
  o https://jira.suse.com/browse/MSQA-718
  o https://jira.suse.com/browse/PED-2145
  o https://jira.suse.com/browse/PED-2617
  o https://jira.suse.com/browse/PED-3576
  o https://jira.suse.com/browse/PED-3694
  o https://jira.suse.com/browse/PED-4556
  o https://jira.suse.com/browse/PED-5405
  o https://jira.suse.com/browse/PED-5406
  o https://jira.suse.com/browse/SLE-23422
  o https://jira.suse.com/browse/SLE-23439
  o https://jira.suse.com/browse/SLE-23631
  o https://jira.suse.com/browse/SLE-24133
  o https://jira.suse.com/browse/SLE-24565
  o https://jira.suse.com/browse/SLE-24791

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:


Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: https://auscert.org.au/gpg-key/